e dot dot dot
a mostly about the Internet blog by

September 2019
Sun Mon Tue Wed Thu Fri Sat
         


This Week In Techdirt History: September 22nd - 28th

Furnished content.


Five Years AgoThis week in 2014, Benjamin Wittes was attacking NSA critics with a big swing-and-a-miss, while Senator Saxby Chambliss was nonsensically invoking ISIS to defend the agency, and John Brennan was getting caught in a tangled web over the CIA spying on Senate staffers. Meanwhile, Apple and Google were moving to encrypt phones by default, leading to a law enforcement freakout with plenty of FUD from the feds, all the way up to James Comey slamming the companies for enacting basic security.Ten Years AgoThis week in 2009, the Techdirt/Lily Allen drama unfolded as the debate around Peter Mandelson's plan to kick UK file-sharers off the internet heated up. First, TorrentFreak discovered that Allen had reposted an entire Techdirt post on her blog without any link or credit, which we noted doesn't bother us but should make her rethink her views on piracy. As other artists like James Blunt and Elton John (in a massive flip-flop) joined Allen in supporting internet disconnection, she apologized for copying the post while entirely missing the point about the ease and innocence of casual copying. She attempted to answer some questions but didn't seem to address any of the really important ones being raised in her blog comments, and then things got sillier: it turned out her own official website was still distributing an early mixtape she made that was full of "pirated" songs. It was our honest hope that this would be a genuine teaching moment, but while Allen did appear to decide that kicking people offline might be too draconian, she mostly just seemed to miss the point some more, and delete her blog.Fifteen Years AgoThis week in 2004, textbook publishers were the ones becoming loud members of the crowd complaining about filesharing, while Wired Magazine was convincing some musicians to experiment with Creative Commons, and for a brief moment it looked like the MPAA might actually face some consequences for bogus DMCA takedowns. WiFi was being plagued with silly patent fights over the technology itself and amazingly even the very idea of offering public internet access, while MusicMatch successfully fended of a patent attack by Gracenote. And AOL became an early adopter of two-factor authentication but with a not-so-great twist: you had to pay a $10 setup fee and $2 per month to make use of it.

Permalink | Comments | Email This Story


Read more here


posted at: 12:00am on 29-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Lawsuit: School Strip-Searched An 8-Year-Old Because Someone Found Feces On A Bathroom Floor

Furnished content.


Here's what we're strip-searching elementary school students for these days: the existence of feces on a school bathroom floor. (h/t Scott Greenfield)

In a lawsuit, a family claims an Edina elementary school strip-searched their son after they suspected him of having an accident in the bathroom.Attorneys say the search was ultimately traumatic for the boy who has suffered mental and emotional distress."This situation is certainly bizarre; it’s unusual and perhaps unique," said attorney Marshall Tanick, who represents the young boy and his mother.
Having discovered diarrhea on the bathroom floor, school administrators decided to do something no school administrator should do: they pulled the 8-year-old child ("W.B." in the lawsuit) into the office, stripped him down, and "searched his naked rectal area" for evidence of floor-pooping.That this was an elementary school makes this an even more egregious violation of the then-second grader's body. Sometimes accidents happen. Looking for "suspects" is a stupid response to the inevitable. Deciding an 8-year-old should be strip-searched and examined in an attempt to link him to the discovery of feces on a bathroom floor is insane.Hence the lawsuit [PDF]. The lawsuit alleges this search was performed without notifying W.B.'s parents and in direct contradiction of school policies, which only allow such extreme measures to be taken in situations involving "imminent danger" or an "emergency health situation." Obviously, nothing here qualifies as either of those, no matter how broadly you choose to interpret those terms.The lawsuit also alleges school policy requires parental notification if such a search is going to occur. That didn't happen here. On top of that, the school has refused to turn over a copy of the incident report to the parents or their legal rep.The lawsuit calls this what it is: assault. That's one of the six violations alleged in the lawsuit, along with battery, intentional infliction of mental and emotional distress, invasion of privacy, and the violation of Minnesota's Data Practices Act, which is tied to the school's ongoing refusal to part with its incident report.The statement from the school district is understandably vague, considering it's being sued and the victim is a minor. But it's still going on the defensive, attempting to portray the strip search and rectal examination of an 8-year-old student as something everyone would see as reasonable if only they had all the details.
District staff acted to support this student, and it is unfortunate that this matter has progressed to this point based on significant misunderstandings of the District’s actions. District staff at all times has the best interests of its students as their primary focus and goal, and the District remains committed to providing the best possible education and environment for its students.
It's hard to misconstrue being ordered to remove your pants so school staff can check your rectal area, but here we are, waiting for that very assertion to be litigated. While it's likely true most of the district staff do have the "best interests of their students" in mind "at all times," there will always be those who think disproportionate responses are the best responses. Some accidents just need to be punished, and as harshly as possible. It's happened far too many times for it to be unimaginable, even if the Edina School District would prefer us to believe otherwise.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 28-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



DC Circuit Hears Oral Argument In The Constitutional Challenge Of FOSTA

Furnished content.


It is impossible to read the tea leaves at an oral argument and come away with any dependable prediction of how the judges will rule. But at the oral argument last Friday at the DC Circuit it appeared that the judges at least understood what they needed to in order to rule in the plaintiffs' favor and revive their Constitutional challenge of FOSTA.Which does not mean they necessarily agreed with the plaintiffs' argument for why the law is unconstitutional. But they don't have to right now. The only question before them was whether the plaintiffs have the standing needed to make that case.The district court originally ruled that they did not. In its decision it basically said, "You've not been hurt, and, based on this particular way of reading the statute, you are not going to be hurt." At the hearing last week the DOJ continued to push this sort of reading, which would find the plaintiffs' activities to be beyond the statute's reach.But, as the panel pointed out, the DOJ's reading of the statute was not the only possible reading of it. The court considered how so many others had read it, noting the changes Reddit had made and, in particular, how Craigslist had responded, which, the court recognized, also bore directly on one of the plaintiff's cited injuries. This plaintiff, Eric Koszyk, a masseuse, had been advertising without incident on Craigslist for 12 years. It was only after FOSTA was passed that this outlet disappeared as Craigslist deleted the sections he had used to advertise, with the statement that it hoped it could someday bring those now-deleted sections back. Surely this widespread reaction to FOSTA's passage is indicative of it presenting an actual risk of liability, the panel pressed. But the DOJ argued that such a conclusion was speculative. Furthermore, when Craigslist said it hoped it could someday bring its sections back, the DOJ argued, it was not a dig at FOSTA but merely an expression of the wish that someday Craigslist could be assured that its site wouldn't be abused.Of course, given that every site is prone to abuse, which is why we have Section 230 in the first place, the DOJ's read of that comment is as suspect as its overly benign reading of FOSTA. But even if it were correct, on either front, it might not matter. As Judge Katsas observed, the question for the court to consider at this stage was whether the way the plaintiffs read the statute, prompting the fear of liability for its activities, is unreasonable. And at this stage, as Judge Griffith reminded, the case law told the court that it needed to "tread lightly." In other words, it was the government's burden to show that the plaintiffs' read of the statute was unreasonable, and it did not seem like the panel was convinced it had met it.Especially not when, as Judge Katsas also noted, the DOJ would not be the only authority interpreting the statute. It's all well and good, the court seemed to say, that the DOJ said it would only enforce the statute in the limited way it represented to the court, but FOSTA is also going to be enforced in state courts in civil litigation and by state authorities who may well have their own read of the statute. The DOJ could not bind anyone involved with adjudicating those actions to read the statute the way it did.It's also questionable whether the DOJ itself feels limited to a benign interpretation of FOSTA. At one point Judge Rodgers stated a belief that there was never a suggestion that sex worker advocates would be prosecuted, to which the plaintiffs pointed out several ways the DOJ had already threatened to.Much of the discussion ultimately hinged on the significance of the statutory language referencing the prostitution "of another person," and whether the "of another person" bit truly limited the scope of the statute. The court also spent time analyzing what the term "facilitating" meant, but no consensus was ever reached. Not only is there the general semantic question of whether the word "facilitating" can really be read as "aiding and abetting," but there is also the substantive question of what kind of behavior this "facilitating" language could still target. If there is a website where people teach sex workers how to use PayPal, thus buttressing their own agency and making them less likely to be exploited by pimps, is that still "facilitating" prostitution?Also, one of the problems with FOSTA is that it makes a mess of mens rea by being unclear about how much knowledge a website can have about how users use their systems. Judge Katsas pointed out that a site like Backpage might not actually have knowledge of individual transactions, yet that's the sort of site the law ostensibly was intended to target. And if it could target Backpage even with this sort of attenuated knowledge of user activity, then whom else could it reach, and how would the plaintiffs not potentially fall within its sights? Judge Roberts commented that FOSTA would seem to catch anyone who simply wanted to make these unlawful acts safer.Overall, though, the biggest takeaway from the hearing is that it is itself striking that three appellate judges and a very able DOJ lawyer could not come to a firm and shared conclusion about how the statute should be read. When some of the most capable legal minds in the country cannot come to such a consensus it is not a hallmark of a well-written or effective statute. It may in fact instead be evidence that it indeed poses a significant threat of constitutional injury that parties like the plaintiffs have standing to complain of, since no one can assure them that it doesn't.

Permalink | Comments | Email This Story


Read more here


posted at: 12:00am on 28-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Canadian ISPs Continue Quest To Bankrupt TVAddons, Site That Hosted Tons Of Legal Kodi Addons

Furnished content.


A few years back we wrote about how various Canadian telcos had appeared to completely lose their minds over TVAddons, a Canadian site that hosted various software add-ons for Kodi (open source home theater software that was originally the Xbox Media Center or XBMC). Now, it is true that there's a thriving market in pirated content via Kodi boxes and the like, but TVAddons was just a site that hosted all sorts of add-ons, and most of them had nothing at all to do with infringing content. As we mentioned in our original article, out of over 1,500 add-ons, only 22 were found to involve infringing content. To put this in perspective, think of the VCR/Betamax in the early years, when Jack Valenti was insisting that it would be the "Boston Strangler" to the movie industry. Back then, a ton of the content being passed around on those tapes would likely be considered infringing -- in part because that was before the industry learned to embrace home video (which quickly became a huge moneymaker for Hollywood). But that was found legal because, as the Supreme Court noted, there were "substantial non-infringing uses" of the technology. It seems pretty damn clear that there are "substantial non-infringing uses" of Kodi add-ons as well, and especially of a platform like TVAddons, that was there just to host those add-ons -- and not to host any infringing content directly.However, as we noted in that original piece, it seemed quite clear that the Canadian telcos were so hellbent on destroying TVAddons and its founder, Adam Lackman, that it didn't seem to care about any of this. They got a special "Anton Piller" order in Canada that allowed their own private investigators to search his home and take his stuff. While this was going on, Lackman called his lawyer, and the lawyers for the telcos literally ordered him to hang up and not talk to his lawyer. As we noted, this wasn't the police -- this was private companies ransacking a guy's house, because some people might possibly use some software that was hosted on his open platform for possibly infringing uses.Years later, it's perhaps not surprising that these Canadian telcos -- namely Bell Canada, Rogers, Videotron and TVA -- appear to have no interest in letting this case end. They remain hellbent on destroying Lackman and the site. While Lackman initially won the first round of the case, in which a court noted that the Anton Piller order was clearly unlawful, he lost on appeal, and was told he needs to pay the legal fees of the giant telcos, even though no actual trial has taken place (all of this is on preliminary issues)Lackman has now been left in the unenviable position of having to set up a GoFundMe just to try to raise enough to pay for the giant telcos legal fees, let alone continue the actual legal fight. The whole setup is ridiculous: giant companies (who never even sent a takedown notice to TV Addons) get to do a private raid, take all of his stuff (which was later recognized as against the law), block him from talking to his lawyer, and then bankrupt him through an ongoing legal process.This kind of story, of course, is not unique. We've seen it play out in many different ways over the years, but it's particularly galling to see how it's playing out here.

Permalink | Comments | Email This Story


Read more here


posted at: 12:00am on 27-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Kazakh Government Takes Down 93k Websites To Site-Block A Single Massage Parlour

Furnished content.


Site blocking. When it comes to law enforcement and IP enforcement efforts, site blocking is the simple man's solution to a very complicated problem. The claim that floats out there in the ether is something like: hey, if we discover sites are breaking the law in some way, we can just order ISPs to block access to the site and the problem's solved. Despite that simplistic send up, the practice of blocking sites in this way inevitably leads to massive collateral damage and flat out abuse. And, yet, those that advocate for site blocking shrug their shoulders at this. After all, if you want to make an IP omelette, you have to break some percentage of the internet, right?But the award for fucking this all up at scale must certainly go to the government of Kazakhstan, which wanted to take a massage parlor's website off of the internet for engaging in some very massage-parlor-y behavior, and managed to pull down 93,000 other websites along with it.

State censors trying to erase the web presence of an erotic massage emporium called Rainbow Spa back in late July did so by ordering the blocking of the site's IP address instead of its domain name.  The ban-happy block was targeted at two IP addresses, reported by local outlet Hola News as 185.165.123.36 and 185.165.123.206. The first of these hosts around 9,500 domains, while the second keeps just over 84,000 websites online.Unfortunately for the bungling censors, these two IPs resolve to shared infrastructure in Russia – including a large number of websites hosted on the Tilda Publishing platform, a sort of Wordpress-style CMS-plus-prebuilt-skins intended for rapid deployment by the unskilled.
First, blocking a website by its IP address in 2019 is hilariously inept. Sites these days routinely share cloud infrastructure through providers. This isn't strictly some cost-cutting measure by web providers, but necessary to secure sites at scale against attack by filtering against malicious traffic. This is how hosts protect against DDoS attacks. To be handing the keys to blocking websites to people that very clearly haven't the slightest clue what they're doing is the kind of thing only national governments can do.Tilda Publishing itself pointed this out.
Blocking a resource by IP address is an outdated and barbaric practice that has long been inconsistent with modern cloud-based IT technologies and access restriction mechanics.
And it's not just that there was so much collateral damage that makes all of this so damning for the Kazakh government. The massage parlor, as I type this, still has one of its websites up and live.It's hard to imagine a better example of why we shouldn't allow government the power to block websites than this.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 27-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Rep. Mark Takano Introduces Bill That Would Keep Companies From Blocking Defendants' Access To Evidence

Furnished content.


When the government doesn't want to talk about its law enforcement tech, it dismisses cases. The FBI has done this on several occasions. First, it told local law enforcement to dismiss cases rather than discuss Stingray use in court. Then it did the same thing with its homegrown malware in child porn cases.But the government can't do everything itself. It purchases software and outsources forensic investigation. All well and good except when it comes to prosecutions. Defendants have a right to access the evidence being used against them. But in court cases where third-party tech is in play, private companies are inserting themselves into the proceedings to demand the courts protect their "trade secrets."Obviously, this makes a mockery of the adversarial system. If defendants can't challenge the evidence being used against them, the government will be encouraged to stack the deck in its favor by offshoring as much of its forensic and investigative work as possible.Fortunately, someone is actually trying to do something about this. Rep. Mark Takano (California) is introducing a bill that would prevent tech companies from helping the federal government screw criminal defendants out of their Constitutional rights.Takano's Justice in Forensic Algorithms Act of 2019 was introduced with this rather clever tweet, featuring a bit of pseudo-coding to drive the point home.

If the government is using third-party tech to prosecute citizens, citizens shouldn't be denied access to information just because some company thinks any examination at all might undercut its market advantage.
“The trade secrets privileges of software developers should never trump the due process rights of defendants in the criminal justice system,” said Rep. Mark Takano. “Our criminal justice system is an adversarial system. As part of this adversarial system, defendants are entitled to confront and challenge any evidence used against them. As technological innovations enter our criminal justice system, we need to ensure that they don’t undermine these critical rights. Forensic algorithms are black boxes, and we need to be able to look inside to understand how the software works and to give defendants the ability to challenge them. My legislation will open the black box of forensic algorithms and establish standards that will safeguard our Constitutional right to a fair trial.”
Congress can't force the court to side with defendants in cases where access to third-party software is at stake. But it can prevent companies from invoking trade secret privileges to prevent defendants from accessing evidence. The bill goes further than just blocking trade privilege interjections. It also would create a national standard for forensic algorithms to ensure they are robust and fair. And that they actually do what they say they do.This process could bring a bit more science to a field that's been mostly mumbo and/or jumbo. And it won't allow law enforcement to create their own forensic black boxes to replace the ones they used to purchase from third parties. It will require input from a number of parties not in the law enforcement profession, ensuring this won't end up being another half-assed effort that shores up the government's belief that all accused parties are guilty until proven guilty.
Directs NIST to establish Computational Forensic Algorithms Standards and a Computational Forensic Algorithms Testing Program and requires federal law enforcement to comply with these standards and testing requirements in their use of forensic algorithms. In developing standards NIST is directed to:- collaborate with outside experts in forensic science, bioethics, algorithmic discrimination, data privacy, racial justice, criminal justice reform, exonerations, and other relevant areas of expertise identified through public input;- address the potential for disparate impact across protected classes in standards and testing; and- gather public input for the development of the standards and testing program and publicly document the resulting standards and testing of software.
This part could take awhile to get up and running. But it's far better than the system currently being used, which has allowed the government's expert forensic witnesses to overstate the certainty of their findings for years on end.The more immediate effect will be the constraints placed on private companies who wish to intercede in criminal cases. The government -- working with its vendors -- will be obligated to provide defendants with a report on the software used, an executable version of the software itself, and its source code. If companies are worried their trade secrets might be exposed in criminal cases, they might want to rethink their partnerships and decide whether the tradeoffs they have to make in court to continue doing business with the government are worth it.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 26-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Chinese Authorities Call For Internet Companies To Add Bias To AI Algorithms -- In Order To 'Promote Mainstream Values'

Furnished content.


Techdirt has been tracking the worsening online surveillance and censorship situation in China for many years now. The latest move concerns the currently hot area of artificial intelligence (AI). It's a sector that the Chinese government understands better than most Western governments, and which it has made one of its technology priorities. The authorities in China know that AI in the form of algorithms is increasingly deployed to optimize and customize Web sites. They have realized that this fact gives them an important new lever for controlling the online world. As South China Morning Post reports, the Cyberspace Administration of China has released its draft regulations on "managing the cyberspace ecosystem", which include the following:

The regulations state that information providers on all manner of platforms -- from news and social media sites, to gaming and e-commerce -- should strengthen the management of recommendation lists, trending topics, "hot search" lists and push notifications."Online information providers that use algorithms to push customised information [to users] should build recommendation systems that promote mainstream values, and establish mechanisms for manual intervention and override," it said.
"Mainstream values" include resources that promote Xi Jinping's writings; party policies and socialist core values; information that displays China's economic and social development; and anything else which helps promote Chinese culture and stability. By contrast, "harmful information" is stuff that is "sexually suggestive, promotes extravagant lifestyles, flaunts wealth or hypes celebrity gossip and scandals."As is increasingly the case, China is in the vanguard of digital culture here. The rest of the world is beginning to wake up to the serious threat of bias as AI-powered algorithms are deployed more widely. China has moved beyond that stage and is now actively weaponizing bias to push a government agenda. This is a useful warning to those who see algorithmic decision-making as the solution to hard problems.For example, it is clear that the only way that the EU Copyright Directive's upload filters can be implemented is through automated filters using AI. As China's latest move makes clear, once those filters are in place on major Internet sites in the EU, it would be easy for governments to require that the software should be tweaked to introduce a little bias -- to protect the children, or society, or whatever. Those who are horrified by what the Chinese authorities are proposing would do well to start arguing for safeguards to stop the same path being taken outside that country.Follow me @glynmoody on Twitter, Diaspora, or Mastodon.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 26-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



RomUniverse To Attempt To Crowdfund Legal Defense, Which Isn't Going Well At All

Furnished content.


We recently discussed Nintendo's lawsuit against RomUniverse, part of a longstanding war on ROM sites that seems less than absolutely necessary given just how much cash the company is raking in from its retro consoles and titles. Several commenters pointed out that RomUniverse, while proclaiming that it's a source for those who long ago purchased Nintendo games to preserve those purchases, also engages in plenty of other less than ethical behaviors. This includes offering up books and movies alongside the ROMs, for which it can't really make the same claims. In other words, while Nintendo itself might not be the best paladin to slay RomUniverse, it's not as though the site is on the side of the angels.Given all of that, you would expect the operator of RomUniverse, Matthew Storman, to try to limit the damage here. That certainly doesn't seem to be Storman's plan, however, as he has both publicly stated he will fight the suit and is attempting to crowdfund his legal expenses.

The operator has added a donation option to the RomUniverse homepage and also launched a crowdfunding campaign on GoFundMe, setting a goal of $100,000 to assist with the defense.“RomUniverse.com was founded in 2009 under the notion that users like you should have easy access to the content that you purchased and the ability to relive those childhood moments. It is because of this, that I am asking for your help,” Storman writes.  “Now I know what you’re thinking, this one person is going to take on one of the largest console/gaming manufacturers in the world? And the short answer is YES,” he notes.
To be clear, he's probably wrong. There is a multitude of risk factors here. For starters, ROM sites have always operated on the wrong side of copyright law. Even if we would advise companies like Nintendo that they should leave them alone, they certainly don't have to. RomUniverse can put up as many banners as they like stating that downloads should only occur if the user has purchased an actual physical cartridge previously, but that doesn't suddenly make offering the copyrighted game content not copyright infringement.Add to that the possibility that the owners of the other types of media RomUniverse makes available might see all of this going on and decide to get their own piece of the lawsuit pie and this huge Nintendo lawsuit could suddenly morph into a multi-plaintiff apocalypse for RomUniverse. That's all the more so possible given Storman's public statements.And, finally, if RomUniverse is really relying on crowdfunding to power its legal defense, it seems that nobody bothered to show up to its fundraiser.
On the GoFundMe page, Storman notes that he’s not “greedy” or a scammer. He merely wants to defend his rights and those of others in this “unknown” landscape. In the meantime, the site remains online.While some people may have donated to the site directly, thus far, the crowdfunding campaign on GoFundMe hasn’t gained any traction. After two days, the donation counter is still at $0.
For perhaps other reasons, the page for the GoFundMe for RomUniverse now returns a "Page Not Found" splash page. RomUniverse's site now is soliciting direct donations instead.There are enough clouds on the horizon here that Storman should probably go into damage control mode.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 25-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Police Use Of Force Data Remains A Mess And The FBI's Involvement Isn't Making Anything Any Better

Furnished content.


Trust me, it all goes downhill very fast from the opening statement.

The federal government recently released what some hoped would be the most accurate data on how police departments resolve civilian complaints of police brutality.
"Civilians" were really the only ones holding onto this hope. The FBI -- which has failed for years to collect reliable data on police shootings -- certainly isn't hoping it will ever compile a definitive dataset on cops killing citizens.The law enforcement agencies who were voluntold to send in this data aren't hoping that, at some point in the distant future, they'll provide enough info that citizens can make informed decisions about their protectors/servants level of trigger-happiness.Since no one with any power is truly interested in accurate data, it falls to private parties. For everyone else, there's the annual data dumps by the Bureau of Justice Statistics, which don't come anywhere close to telling the whole story about law enforcement use of force.The report discussed here is the BJS's 2016 report. Working their way backwards from the official stats to the law enforcement agencies that supplied them, the Austin Statesman has found a whole lot of significant discrepancies.
For instance, the survey shows Austin police officers received 20 excessive force complaints in 2015, but Austin police officials said they actually received 22.And while Austin police data and the survey both show authorities determined none of the complaints that year were sustained, there were some discrepancies. The survey says three complaints were unfounded, three were exonerated and 14 were closed administratively, but Austin police said their records show two complaints were unfounded, two were exonerated and 18 were closed administratively.
That one's a relatively minor blip, but when 4,000 law enforcement agencies are sending in bad stats, the numbers get skewed significantly. In some cases, the 4,000 participants (less than a quarter of all US law enforcement agencies) didn't provide any stats because they simply do not "formally document and store complaints." That was the excuse given by nearly 1,000 of the 4,000 "participating" agencies.There are those who make it easy to under-report excessive force complaints simply by never bothering to collect this data. Then there are the 2,000 agencies who report obviously wrong numbers.
Of the other 3,000 agencies, two-thirds reported no excessive-force complaints in 2015, including police departments in San Diego and San Jose, Calif.
The San Jose internal affairs unit blamed this incredible discrepancy on the staffer who filled out the BJS form. Apparently, no corrective action was taken and the head of IA was left wondering why someone reporting complaints to the federal government might put down "0" instead of actually trying to get an accurate count. (Yeah it's a real mystery.)That leaves about 1,000 reports that could be considered reliable. And these reports aren't going to make anyone believe accountability is spreading like wildfire through local law enforcement agencies. Nearly every excessive force complaint filed ends up being discarded.
[O]nly about 7% of formal excessive-force allegations are sustained.[...]Nationwide, around 26% of complaints are unfounded; among the rest, 34% end with exoneration and 22% are not sustained.
That's how it stands in the numbers that possibly can be trusted. Police agencies are exonerating their officers 93% of the time. The FBI is stepping up to make this collection more complete, expanding its coverage of police shooting data to cover times where officers shot at people, wounded them, or killed them. That small expansion won't make much difference. Most excessive force allegations don't involve deployments of deadly force. Those that do tend to result in lawsuits, not ignored complaints. The only thing the FBI is doing here is expanding its already-unreliable dataset -- one that tells an incomplete story about US policing as crafted by a few thousand unreliable narrators.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 25-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



During A Police Raid, Russian Activist Uses Drone To Whisk Sensitive Data To Safety

Furnished content.


Drones have moved beyond the novelty stage, and are now capable of having a global impact. That was shown most dramatically by the recent drone attack on the world's largest oil processing facility in Saudi Arabia. The loss of production has caused the price of oil to spike, and fears about a global recession to mount -- all because of a few tiny drones. An article in the Guardian suggests:

Drones are now an integral part of the inventory of the region's most advanced militaries, and the also-rans. Non state actors have been clamouring to secure them as well -- convinced by the utility of hard-to-detect, dispensable flying toys to be used as weapons of war.
But as Techdirt has noted before, drones are not all about death and destruction. BBC News has an interesting example of a novel use from Russia. It concerns a police raid on the flat of Sergey Boyko, who heads the local branch of the movement of opposition leader Alexei Navalny. Raids were conducted in more than 40 cities across the country, allegedly investigating money laundering, something denied by Navalny's supporters. Elsewhere, the police seized activists' computers and mobile phones. But they came away empty-handed from their raid on Boyko, thanks to the use of a small drone:
The drone was loaded with various hard disks, solid-state drives and flash sticks containing "very important" information that he did not want to fall into the police's hands, according to the activist."Done. The evacuation has been carried out. The drone reached its destination," he says at one point.
The drone's destination was an unnamed friend of Boyko, presumably not an obvious one that the police might easily find in their search for the data. Boyko was clearly expecting to be raided. He not only had the presence of mind to have a drone to hand for the delivery, but he also recorded the police raid as it was happening. The video concludes with a plea for viewers to support the Navalny campaign financially -- a neat way of using the police raid against the authorities who ordered it. The whole episode is another indication of how Russians seem able to keep calm in even the most difficult situations, which is probably just as well given the way that some people drive there.
Follow me @glynmoody on Twitter, Diaspora, or Mastodon.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 24-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Court Says Compelled Production Violates Fifth Amendment... Unless The Gov't Takes Certain Steps First

Furnished content.


A federal judge in California has issued a ruling [PDF] on the Fifth Amendment that upholds both the Constitutional right and a request that appears to violate it. It doesn't all fit together perfectly, but the "foregone conclusion" doctrine factors into it. But constraints are put on this conclusion and, ultimately, that's how the government is permitted to carry out this search.It originates, as so many of these do, from a drug investigation. The government believes it can find evidence it needs for its prosecution by searching the phone found on the suspect. Bad news: the phone's contents are locked behind a biometric wall and it needs judicial permission to force the suspect to open the phone for it.The government argued that biometric features like fingerprints, retinas, blood, facial features, etc. are non-testimonial because they are physical evidence, not testimony. Obviously, a face that unlocks a phone is also a face anyone can see. It imparts no knowledge the suspect may want to keep secret. But combined with a locked device requiring biometric input, it actually imparts knowledge law enforcement may not have when they seek compelled production: it identifies the person as the owner of the device.This can be testimonial, depending on the government's foregone conclusions, or lack thereof. The court says as much here:

Here, compelling an individual who is a target of the investigation to use his or her finger or face to unlock a device represents incriminating testimony within the meaning of the Fifth Amendment because it amounts to an assertion of fact that that the individual has the ability to unlock the device, which in turn makes it more likely that the individual locked the device and put the material sought by the warrant on the device.
More to the point, the government's arguments about biometric features not being testimonial is a dodge. Unlike being fingerprinted after an arrest, applying a fingerprint to a phone gives the government what it really wants -- not what it says it wants when it engages in this sort of intellectual dishonesty. The court calls this out:
Unlike a fingerprint or blood sample, which is obtained for the purpose of identifying a particular individual, the only purpose of compulsory application of a biometric feature to a device is to obtain access to the device's contents; the government has no interest in obtaining the physical characteristic (e.g., the fingerprint) per se.
So, if compelled production of fingerprints, retinas, or whatever's needed to unlock a seized phone violates the Fifth Amendment, how does the government work around it? Well, normally the court would examine its conclusions -- what evidence the government already has that links the locked device to the suspect in custody.In this case, the court doesn't go that far. It gets out ahead of this matter and forces the government to reach these conclusions before it can start applying biometric features.
During the execution of the search of the SUBJECT PREMISES described in Attachment A, law enforcement personnel are authorized to compel [named individuals] to apply their respective biometric feature(s) to a smartphone or other electronic device capable of being unlocked by such feature in order to search the contents of the device as authorized by this warrant, but only if the following conditions are met:(1) the device is found on the person of one of the individuals named above or at the SUBJECT PREMISES; and(2) as to a particular device, law enforcement personnel have information that the particular individual who is compelled to apply his or her biometric feature(s) has the ability to unlock that device, such that his or her ability to unlock the device is a foregone conclusion.
This means the government can't find a bunch of devices and start playing fingerprint roulette with this court order. It will have to find devices on certain people and then it still needs to be able to connect the device to the person holding it before it can compel production.This is the balance the court strikes: the government can bypass the Fifth Amendment if it lines everything up first. It's the same sort of compromise courts create for the Fourth Amendment. Unreasonable searches are forbidden. A warrant, granted by the court, allows the government to engage in unreasonable searches. In this case, the court is creating a narrow exception to the Fifth Amendment that forces the government to show its work before it can start compelling production. It's not perfect, but it will have to do until more case law is established and higher-level courts are willing to start handing down precedent.


Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 24-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



This Week In Techdirt History: September 15th - 21st

Furnished content.


Five Years AgoThis week in 2014, new revelations about New Zealand's mass surveillance garnered an angry response from the Prime Minister, who then tried to disprove the claims with declassified documents that did not in fact address them. Soon, a former New Zealand official came forward with his own story of being told to "bury" unflattering documents. Meanwhile, the CIA's John Brennan was refusing to tell the Senate who okayed spying on senators, we learned more about Yahoo's legal battle with the NSA, and the UK's GCHQ was facing another lawsuit in the European Court of Human Rights.Ten Years AgoThis week in 2009, we looked at a variety of questions about IP law, like why we let juries set patent award damages when they keep getting overturned by appeals courts, is copyright compatible with privacy, and why do content creators get control over derivative works? Charlie Brooker delivered a scathing rant against Damien Hirst for his legal action against one such derivative-work creator, and tied it into the issue of file sharing — since UK recording artists were speaking out against the idea of kicking file sharers off the internet, which was really irritating industry insiders and leading them to simply pretend it wasn't happening. Amidst all this emerged the beginning of what would turn out to be a bit of an ongoing spat between Techdirt and Lily Allen.Fifteen Years AgoThis week in 2004, the war against all sorts of abuses of the growing internet was still raging in weird ways: Symantic was trying a new system to fight phishing, the anti-spam industry was a still-growing patent thicket, China was claiming it would help fight spam, and nobody liked California's anti-spyware bill — perhaps because it didn't make sense to attempt a legal definition of spyware. Meanwhile, Nokia and other mobile companies were working on mobile file-sharing systems which, as one might imagine, had entertainment industry folks and wireless carriers kind of freaking out.

Permalink | Comments | Email This Story


Read more here


posted at: 12:00am on 22-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Another Nail In the Coffin Of Corporate Sovereignty, As Massive Asian Trade Deal RCEP Nears Completion Without It

Furnished content.


Remember RCEP? The Regional Comprehensive Economic Partnership is a massive trade deal being negotiated by most of South-East Asia -- including China and India. Although still little-known, it has been grinding away in the background, and is drawing closer to a final agreement. Almost exactly a year ago Techdirt noted that there were some interesting rumors that corporate sovereignty -- officially known as investor-state dispute settlement (ISDS) -- might be dropped from the deal. A story in The Malaysian Reserve confirms that is the case:

After missing several deadlines, member countries of the proposed Regional Comprehensive Economic Partnership (RCEP) have agreed to exclude the investor-state dispute settlement (ISDS) mechanism, a move that might expedite conclusion of the talks by the end of the year.[Malaysia's] Ministry of International Trade and Industry (MITI) Minister Datuk Darell Leiking said all RCEP member states -- 10 Asean countries plus six free trade agreement (FTA) partners namely Australia, China, India, Japan, New Zealand and South Korea -- have decided to drop the ISDS, but the item could be brought up again within two years of the agreement's ratification.
So corporate sovereignty is definitely out of the initial agreement, but could, theoretically, be brought back after two years if every participating nation agrees. Despite that slight loophole, this is a significant blow against the entire concept of ISDS. It's part of a larger trend to drop corporate sovereignty that has been evident for some time now. That still leaves plenty of toxic ISDS clauses in older investment treaties and trade deals, but the tide is definitely turning.Follow me @glynmoody on Twitter, Diaspora, or Mastodon.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 21-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Content Moderation At Scale Especially Doesn't Work When You Hide All The Rules

Furnished content.


For quite a while now, we've pointed out that doing any serious content moderation on major internet sites is laughably difficult, if not impossible. Whether done in a purely automated format, or with real human oversight, everything ends up boiling down to just how much collateral damage are we all willing to accept when sites attempt to enforce moderation rules. Even when sites attempt to communicate the rules to the public in a somewhat transparent fashion, such as Facebook, it all inevitably goes to the kind of hell that includes nixing accounts for sharing what is purely art.But when sites don't bother to tell their users what the rules are, even after exacting punishment for violation of those rules? Well, that's when you have a bunch of Twitch streamers wondering what the hell is going on.

Earlier this week, Twitch suspended a streamer named Quqco for wearing a cosplay of Street Fighter heroine Chun-Li on stream, deeming her outfit “sexually suggestive.” This took Quqco—and many others—by surprise, given that the outfit was not overtly risqué. But this was not an isolated incident. In the past few days, Twitch has been cracking down on so-called “sexually suggestive” content more aggressively than usual, and picking some questionable targets for its crusade.
The whole post is long and very detailed and should absolutely be read in full. The article lists numerous examples of Twitch streamers being handed out warnings and suspensions under any number of circumstances that range from cosplaying as Street Fighter characters, to wearing a sports bra and baggy shorts on a stream, to drawing clothed cartoon characters. All those interviewed for the post that were on the receiving end of these warnings or suspensions were completely flummoxed.Especially when their own inquiries into their punishment were being responded to like this.
For example, Fareeha’s warning specifically accused her of wearing “underwear or lingerie,” when she was, in reality, wearing baggy gym clothes in a setting where you’d expect to see them. Twitch’s guidelines around what streamers can and cannot wear are vague and contextual; the sort of attire Fareeha was wearing might not have cut it if a streamer was broadcasting from their bedroom, but streamers regularly wear gym clothes in the gym. Some men even go shirtless. It’s not clear why Twitch singled out Fareeha.
Fareeha specifically believes she may be the victim of another aspect of the internet that makes content moderation at scale impossible: trolls. It turns out that there are dedicated Discord channels out there where people get off on doing mass-reports of Twitch streamers they don't like for any number of reasons. Obviously, those many numbers of reasons often fall into categories that include "they're women doing things we don't like" and "they're people that don't look like us doing things we don't like." The theory goes that whatever automation Twitch has built into its moderation system -- and there surely must be something of that sort of thing -- it's likely to be sensitive to mass reporting of ToS violations. This is being gamed by trolls to get the system to punish Twitch streamers who otherwise would never have been punished.Is that what's happening? Nobody knows, mostly because Twitch is being frustratingly opaque on the matter.
Saruei, who was suspended for drawing “nude” characters, declined to speak to Kotaku out of concern that she could face further repercussions from Twitch. However, prior to her recent suspension, she spoke out against what she feels is “hypocrisy” on Twitch’s part. Suggestive poses apparently aren’t allowed in her drawings, she said, but it’s fine when some people do them IRL.“These are suggestive poses, right?” she said of her own art while discussing her Twitch warning during a recent (now-unavailable) stream. “We agree with that, right? Why I can’t draw waifus like this when there is fucking Twitch girls that can do it?” She went on to express frustration about the lack of clarity that she, like others, has had to deal with. “I hope it won’t happen again, because I asked them ‘What is the problem with these drawings?’” she said. “Is it the clothing or the pose? What is against Twitch guidelines? I need to know.”
Those last two sentences are all you need to hear to recognize the massive problem that is Twitch attempting to do content moderation at a scale that is largely impossible while not being transparent as to how to stay on the right side of that moderation. There is entirely too much gray area, too much room for gaming the moderation, and too much stupid collateral damage to make any of this worth it.Meanwhile, the Twitch streamers who make Twitch's product attractive are stuck trying to figure out what the rules are. Until they decide to go somewhere else, that is.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 21-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Court Shoots Down Cop's Assertion That Driving Without Breaking Any Laws Is 'Suspicious'

Furnished content.


Must be tough out there for cops. Literally everything is suspicious. And there are only so many hours in the day. Since no court is willing to end the tradition of pretextual stops, anything that can be described as suspicious has been used to initiate fishing expeditions.A few courts have called out this tendency to view almost everything humans do as indicative of criminal behavior. This is one of the better call-outs, as it gives some indication of just how many "training and experience" assertions the court has had to wade through while dealing with law enforcement assertions about reasonable suspicion.

A logical reasoning sequence based upon some “training and experience” — because drug traffickers have been seen breathing, then breathing is an indicia of drug trafficking. Because they normally have two hands, then having two hands is an indicia of drug smuggling. Silly — maybe, but one can wonder if that is the direction we are heading. Whether it be driving a clean vehicle, or looking at a peace officer, or looking away from a peace officer, or a young person driving a newer vehicle, or someone driving in a car with meal wrappers, or someone driving carefully, or driving on an interstate, most anything can be considered as indicia of drug trafficking to law enforcement personnel.Maybe this is because drug smugglers just happen to be human beings and being such, they tend to engage in the same innocuous acts in which law abiding citizens engage. See Gonzalez-Galindo v. State, 306 S.W.3d at 896 (observing that “[c]riminals come in all makes and colors. Some have hair, some do not. Some are men, some are not. Some drive cars, some do not. Some wear suits, some do not. Some have baseball caps, some do not. Some want attention, some do not. Some have nice cars, some do not. Some eat spaghetti, some do not. And, sometimes, some even engage in innocent activity.”)
This is in addition to these data points, all presumed to be "suspicious" behavior by law enforcement officers:That's the standard law enforcement holds itself to. Fortunately, some courts refuse to accept this lower standard of suspicion. The Arizona Court of Appeals is one of those courts. This recent decision [PDF] overturns a lower court's inexplicable support of a cop's extremely dubious "reasonable suspicion" claims. (via The Newspaper)The defendant was pulled over by a police officer shortly after leaving a bar. According to the unnamed officer, the defendant's driving was suspicious. Here's what the officer observed:
At the June 2018 evidentiary hearing, the officer testified that, while on patrol for a DUI task force on December 7, 2017 around 9:30 p.m., he first observed Flynn when he was exiting a strip mall parking lot near Dobson and Guadalupe Roads in Mesa. The strip mall contained several restaurants that were open at the time but, because the officer knew there was a hole in a fence on the opposite side of the complex that separated the strip mall parking lot from an adjacent bar, he followed Flynn for approximately two miles. During this time, the officer estimated Flynn’s speed at between twenty-eight and thirty-five miles per hour, never reaching the posted limit of forty-five miles per hour. In the course of following Flynn, the officer observed no traffic violations or other clues of impairment.
This was the entirety of the officer's assertion: that he had observed literally nothing else than a person leaving a strip mall and driving home while obeying all traffic laws and otherwise appearing to be sober.The officer tried to claim that the driver's inability to hit the posted speed limit was itself suspicious. This ignores that fact that a speed limit limits top speed. It does not make driving at a lower speed illegal, nor necessarily indicate the driver is impaired.On top of that, the officer could not deliver any reliable testimony about his speed limit-related observations.
The officer testified he initiated the stop solely because Flynn left the vicinity of a bar and then traveled at a speed that varied but remained below the posted limit. However, the officer did not remember how many times Flynn’s speed varied. He did not have any clear recollection of where the fluctuations occurred or whether Flynn had been required to stop or slow down for any of the seven light-controlled intersections the pair encountered. Nor was he able to testify as to how frequent or great a speed variance would need to be to qualify as a clue of impairment.
With that, the suppression order is reinstated and the prosecution loses all the evidence the cop obtained during his suspicionless stop. The problem, of course, is that a ruling like this won't deter officers from performing suspicionless stops. It will just make them work a bit harder when crafting their assertions. People are still going to get stopped for completely bullshit reasons and allow taxpayers to fund the redress of grievances.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 20-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



LeBron James Declares Victory In Losing Bid For 'Taco Tuesday' Trademark

Furnished content.


It was only a couple of weeks ago that we wrote about LeBron James, part-time NBA superstar and full-time taco-lover, and his attempt to get a trademark for "Taco Tuesday" in the markets of podcasts, entertainment services, and social media. As we mentioned in that post, the idea that LeBron could get such a trademark on a fairly descriptive and widely used term is insane. Nearly as insane, as we noted, as the fact that the Taco John's chain already has such a registered trademark. It was the latter bit that we, as well as many other commentators on the topic, predicted would be the reason LeBron's application would be denied, as it would be identical to an already registered trademark.But the USPTO never ceases to amaze, it seems. While the USPTO did in fact deny the application, the confusing trademark it cited in doing so wasn't Taco John's, but another application for an advertising company out of Nevada.

But there was another preceding trademark filing which Yahoo Finance also caught for “Techno Taco Tuesday” that proved to be a key piece in the downfall of James’ attempt to lock up the rights to Taco Tuesday.The techno twist on the Tuesday was actually trademarked by a Las Vegas entertainment company back in 2018, specifically for the “advertising and marketing services” category for which James was seeking protection. As such, James’ application was denied for being “confusingly similar to the registered mark.”
Okay, so the USPTO decided that the fact that both applications included "Taco Tuesday" and the "Techno Taco Tuesday" application was both filed first and was in the same market as James' application. That might normally be the end of the story, and a particularly boring one at that, except that LeBron's team is declaring victory. Why?Well, because of the other reason the USPTO gave for refusing to approve the trademark.
However, it’s not all bad news for the Los Angeles Laker. James could still respond to the USPTO filing with added or adjusted language within six months if he so chooses. And according to what someone in his circle reportedly told ESPN, James still may have achieved what he set out to do by establishing “Taco Tuesday” as a generic term to cover for any legal claims that could be brought against his use of the term.“In this case, the applied-for mark is a commonplace term, message, or expression widely used by a variety of sources that merely conveys an ordinary, familiar, well-recognized concept or sentiment,” the USPTO examining attorney wrote in the declined trademark filing.
That sound you hear is the clicking of computer mice as every restaurant that has a Taco Tuesday event is bookmarking this ruling for when the Taco John's people come calling claiming trademark infringement. I can't imagine it's going to be terribly long before some company, or group of companies, seek to invalidate the Taco John's trademark that TJ's has wielded like a cudgel for so long, because this statement by the USPTO is fairly clear: "Taco Tuesdays" is generic as all hell.We cast narrow eyes at LeBron for filing this in the first place, but if he can end the madness that is Taco Tuesday trademarks, even I'll call him King.


Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 20-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Australian Aboriginal Flag Mess Is Getting Worse -- All Thanks To Copyright

Furnished content.


One of the longer-running sagas here on Techdirt concerns the disgraceful situation regarding the flag of Australia's Aboriginal peoples. Mike first wrote about this in 2010, and again in June of this year. The problem is that what is now widely regarded as the flag of Australia's First Nations was designed fairly recently by a private individual, not a group representing those peoples, or some official Australian government body. The designer, Harold Thomas, signed a licensing deal with a clothing company, Wam Clothing, which imposes hefty fees for the use of the design, even on non-profit health organizations giving away items that bear the flag:

In August, Wam Clothing charged the Indigenous Wellbeing Centre in Bundaberg AU$2,200 [about $1500] to use the flag on T-shirts it had given to patients who came into the clinic for a preventive health check.
According to an article in the Guardian, the licensing agreement between Wam Clothing and Harold Thomas specified that the design may be used by Aboriginal people for non-profit purposes. However:
Wam Clothing has said the terms of any licence agreements are confidential and legally privileged and only for the benefit of the parties to that agreement. They said the documents seen by Guardian Australia may have been fraudulently created.
Wam Clothing claims that it is the exclusive worldwide licensee for the use of the Aboriginal flag not just on clothing, but also on digital media. To prove the point:
In mid-August, the company issued a "cease and desist" notice to the creator of a Facebook discussion page called "New Aboriginal flag or flags discussion" because its "use of the digital image of the Aboriginal flag on social media platforms are [sic] being used in a negative light".
Copyright and secret deals have made the situation so ridiculous that in June 2019 the Australian Senate passed a motion calling on the national government to do all it could to "ensure that all First Nations peoples and communities can use the flag whenever they want without cost or the need for consent". More recently, the Australian MP Linda Burney called for the government there to sort things out:
"This situation is untenable," Burney said. "It's unthinkable that the use of the Aboriginal flag is now governed by a secret agreement at the discretion of a for-profit company."It is a discredit to the flag's history and the strength it represents."
This is not just about copyright, or the rights of Australia's Aboriginal peoples. For Burney, the issue is personal:
"Like so many proud Aboriginal people, I've got a tattoo of the flag. What are they going to do? Try and cut it out of me?"
Probably best not to give them ideas, LindaFollow me @glynmoody on Twitter, Diaspora, or Mastodon.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 19-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Monster Energy Opposes Teenager's Trademark Application Over Logos Not At All Similar

Furnished content.


Monster Energy. The company's name is enough to set the average Techdirt reader's eyes rolling. The company that makes sugar-heavy energy drinks has become essentially a caricature of an overly aggressive trademark enforcer. This habit is somewhat surprising, given just how often the company loses lawsuits and oppositions, which one would think would be a deterrent for future behavior. Instead, it almost seems as though every loss only spurs Monster Energy on.This continues on to today, when we learn that Monster Energy filed an opposition to a 21-year-old's trademark application for his business, Monarch Energy. You're probably thinking that the opposition is over the name of the young man's company, which would itself be a stretch as trademark infringement. But, no, it's over the kid's proposed logo.

At age 16, Mason McGuire discovered arthritis in his lower back. The mountain biker, baseball player and motorcycle rider wanted to stay active without aggravating his newfound aches. One year older, the Forest Charter School graduate decided to start his own business to mitigate his problems, and hopefully ease those of others.While taking a business course at Sierra College, the words of one individual continued to ring in his head: “My teacher kept saying, ‘You’ll never learn it until you do it,’” he said.So he did.But on July 30, McGuire received a letter that stunted his company’s development. Monster Energy filed a notice of opposition against his company, Monarch Energy, for violating trademark rules. Specifically, it said McGuire’s logo was too similar to Monster’s.
Are the logos similar? No, they damn well are not.

Trademark imageImage result for monster energy logoOther than the fact that both logos incorporate the letter "M" and both companies list their names below that "M", there is little to nothing similar about these two logos. The names of the companies, both prominently displayed, are different. The fonts are different. The styling around the letter "M" is different. The rest of the trade dress is different. Are people going to be confused by these two company logos? No, they absolutely are not.And, yet, this 21 year old has had to deal with this opposition before even getting his company truly off the ground.

Despite maintaining distinctions, McGuire said he was a bit nervous Monster Energy would file a claim against his company, because of Monster’s history of filing lawsuits, so he tried doing his due diligence before choosing the logo.“I made sure to go over the rules many times that wouldn’t infringe with Monster,” he said. But, he later said he suspected the large energy company might intervene legally anyway.McGuire acknowledges that there is no trademark police per se, meaning that Monster Energy must be aware of smaller businesses trying to exploit its brand. But, he added, the company can drop the court filing once it realizes an entrepreneur is not acting in bad faith.“I don’t care too much that they’re going after me,” he said. But McGuire — who has yet to hire an attorney — said he could lose his business with the possible legal fees needed to combat Monster Energy. He also said he can’t afford a new trademark to change his logo, for which he’s already paid.
Monster Energy doesn't have to care about the harm it's doing, of course, but it certainly should. Especially when this is yet another example of an opposition that never needed to be filed. But because Monster Energy wants to play the bully, a young man that started a business might lose it.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 19-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



History Repeats Itself: Twitter Launches Illegal SF Street Stencil Campaign Just As IBM DId Decades Ago

Furnished content.


Everything old is new again, and the population of tech workers seems to turn over especially fast in the San Francisco Bay Area. I guess I now qualify as an old timer, in that I remember quite clearly when IBM ran a big ad campaign in San Francisco and Chicago to profess its newfound love for Linux. The ad campaign involved stenciling three symbols side-by-side: a peace symbol, a heart, and Tux, the Linux penguin:

The message? Peace, Love, Linux. It didn't make much sense then either. Either way, neither city was happy with the streets being all stenciled up. San Francisco fined IBM $100,000 for graffiti, though perhaps the company figured that was cheaper than buying a bunch of billboards in the same area, and it certainly got more press attention. The story was even more fucked up in Chicago, however. There, one of the random dudes IBM's ad company had hired to paint this ad message all over sidewalks was arrested and sentenced to community service for vandalism. Not great.So, apparently no one working at Twitter was around for that experience nearly two decades ago, because the company has just done the same thing. Just a few days ago I was at the Powell Street BART station and saw it was completely coated in giant posters of tweets, but apparently they're stenciled on sidewalks nearby as well (I seemed to have missed those)
San Francisco wasted little time in pointing out to Twitter that, uh, this is not allowed:
Apt or not, the stencils, created using a spray-paint-like chalk, are illegal, according to Rachel Gordon, spokeswoman for the Department of Public Works.That's not the use of the sidewalks, she said. We can go and document them. If they don't remove them immediately, we'll send a crew to remove them and charge them.Gordon added, Our sidewalks are not to be used for commercial billboards. Twitter has the resources to use appropriate venues to advertise their company.
Twitter has apparently already apologized and said it's trying to figure out why it fucked up:
Twitter responded with the following apology: "We looked into what happened and identified breakdowns in the process for meeting the cities' requirements for our chalk stencils. We're sorry this happened."
I'm just amazed that no one involved in the process remembered the whole IBM thing, but I guess it's just a reminder of how old stories like that fade away.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 18-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



AB InBev Fails To Get 'Patagonia' Trademark Suit Dismissed

Furnished content.


Earlier this year, we discussed a trademark suit brought against Anheuser-Busch InBev by Patagonia, the famed outer-wear maker known best for its association with skiing and outdoor sports apparel. While we usually make a big deal about market separation when it comes to trademark enforcement, this case was notable for two reasons. First, the trade dress choices made by AB InBev for its "Patagonia" beer were quite similar to Patagonia's trademarks, not to mention that AB hosted popup locations at skiing and biking locations to sell its beer, exactly where Patagonia is so well known. Second, AB is a notorious trademark hound, gobbling up all kinds of marks and then wielding them like a cudgel against small entities. If anyone were going to be sensitive to the trademark rights of others, you would think it would be a company like AB. But not so much.Rather than admitting its error and siding for strong trademark rights, however, AB InBev decided to try to get the lawsuit tossed by claiming that "Patagonia" is not actually well known and therefore should not be afforded federal trademark rights. The court took 20 pages to decide that AB InBev was wrong and that the case would move forward.

U.S. District Judge Virginia A. Phillips disagreed, writing in a 20-page order Tuesday that Patagonia has – at this stage in the proceedings – sufficiently shown its mark is both “famous and distinctive” and that promotion of its brand has factored in its $10 billion in sales since 1985.“Assuming these allegations are true and construing the facts in the light most favorable to plaintiffs, plaintiffs have sufficiently alleged that its Patagonia mark is “famous” for purposes of its federal trademark dilution,” Philips wrote.
The sales numbers are really all that was required to refute AB's ridiculous claim. Anecdotally, I can say that I haven't been to a ski mountain in a decade or so, and even I am fully aware of Patagonia's brand. The company has been around forever and is a common site out west.The court also refused to dismiss on AB's claims that it in fact had not abandoned its Patagonia trademark by not using it for half a decade and that there would be no confusion by the public that its "Patagonia"-branded beer would be confused with the clothing company.
Phillips also denied Anheuser-Busch’s request to dismiss on grounds that Patagonia failed to show that customers would associate their beer with its clothing and its brand of environmentalism. The brewer likewise failed in its argument that it had not abandoned the Cerveza Patagonia mark from Warsteiner despite not using the mark for five years.Rob Tadlock, a member of Patagonia’s legal team, applauded Phillips’ ruling as “a well-reasoned opinion rejecting Anheuser-Busch’s effort to avoid defending Patagonia’s claims, including that Anheuser-Busch committed fraud on the Trademark Office and has deliberately tried to confuse customers into thinking that Patagonia Cerveza is produced by Patagonia, rather than Anheuser-Busch.”
Again, where is AB's strong stance on trademark in this case in which it is the one that appears to have run afoul of another's trademark rights? To the shock of this writer, it appears the company has something of a "trademark for me, but not for thee" philosophy.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 18-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Nintendo's ROM Site War Continues With Huge Lawsuit Against Site Despite Not Sending DMCA Notices

Furnished content.


Roughly a year ago, Nintendo launched a war between itself and ROM sites. Despite the insanely profitable NES Classic retro-console, the company decided that ROM sites, which until recently almost single-handedly preserved a great deal of console gaming history, need to be slayed. Nintendo extracted huge settlements out of some of the sites, which led to most others shutting down voluntarily. While this was probably always Nintendo's strategy, some sites decided to stare down the company's legal threats and continue on.One of those sites was RomUniverse, which not only refused to shut down, but essentially boasted that it wasn't scared of Nintendo's legal attack dogs and would continue on. That stance is about to be put to the test, however, as Nintendo has filed a copyright lawsuit seeking enormous damages against the site.

In a complaint filed at a federal court in California, the Japanese gaming giant accuses the site’s alleged operator, Matthew Storman, of “brazen” and “mass-scale” copyright and trademark infringement.“The Website is among the most visited and notorious online hubs for pirated Nintendo video games. Through the Website, Defendants reproduce, distribute, monetize, and offer for download thousands of unauthorized copies of Nintendo’s video games,” the complaint reads.Nintendo states that the site, which has 375,000 members, offers downloads for nearly every video game system it has ever produced.
Now, to be clear, there is nuance to our stance here. Does this constitute copyright infringement of Nintendo's property? Hell yes. Can Nintendo sue over this on solid legal grounds? Of course! Should it do so? Well, that's a more complicated question. You have to wonder just exactly what Nintendo is going to get out of all of these lawsuits. Yes, it may succeed in shutting down this and other sites. But does that mean those that use ROM sites are suddenly going to buy a Nintendo console, retro or otherwise? It's not obvious that the answer to that is "yes." Instead, those pirates will probably just not play Nintendo games at all. Or, more likely, will find another venue for ROMs, and rinse and repeat that process as Nintendo goes on its whac-a-mole expedition.And, given that Nintendo only recently really invested in making retro games available on its consoles, these sites actually did preserve gaming history for millions of people who would otherwise have never played these aged titles. Not to mention that ROM sites are also a place for home-brewed games on these older consoles, which themselves are not infringing.And, finally, if Nintendo really just wanted to combat piracy in all of this, why not at least start with the DMCA process?
RomAdmin from RomUniverse informed us that he hasn’t received anything from Nintendo, no recent takedown notices either. The site does respond to takedown notices.“We’ve always immediately taken down questionable material, per their take down notices,” RomAdmin told TorrentFreak.
Instead, Nintendo went straight to the nuclear option, with a lawsuit asking for potentially over $100 million in damages. Again, it can do this, but given how much money the company is already raking in off of retro gaming... why?

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 17-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



The MoviePass Mess Has Finally Come To An End

Furnished content.


Moviepass is no more. The company's all you can eat movie ticket business model never worked as advertised, and a letter to subscribers informed them that the service would be shutting down over the weekend. Users are supposed to be getting refunds without having to ask for them.MoviePass initially seemed like it might be a plausible idea, though in recent months the company has been exposed for being aggressively terrible at this whole business thing. The service initially let movie buffs pay $30 a month in exchange for unlimited movie tickets at participating theaters, provided they signed up for a full year of service. But it wasn't long before the company began hemorrhaging cash, something made immeasurably worse when it dropped its price point to $10 a month as part of a last ditch attempt to spur growth.A bombshell Business Insider expose offered a stunning look at the company's dysfunction, and executives' interest in focusing on flashy marketing instead of fundamental business basics. Particularly entertaining was the fact that as things began to fall apart, company CEO Mitch Lowe thought it would be a good idea to arbitrarily change the passwords of heavy users so they couldn't actually use the service as advertised:

"Lowe dreaded the company's power users, those high-volume MoviePass customers who were taking advantage of the low monthly price, constantly going to the movies, and effectively cleaning the company out. According to the Motion Picture Association of America, the average moviegoer goes to the movies five times a year. The power users would go to the movies every day."Before Mitch came on it was, 'How do we slow down those users?'" one former employee said. "With Mitch it was just, 'F--- those guys.'"Per Lowe's orders, MoviePass began limiting subscriber access ahead of the April release of the highly anticipated "Avengers: Infinity War," according to multiple former employees. They said Lowe ordered that the passwords of a small percentage of power users be changed, preventing them from logging onto the app and ordering tickets."
With that kind of "leadership," it's probably not too surprising that the effort fell apart. Granted the idea itself wasn't terrible, and individual movie chains have since adopted it with some fairly decent success, something acknowledged in the goodbye letter to company subscribers:
"We still deeply believe in the need for the MoviePass service in the marketplace, to maintain affordable access to theaters and provide movie lovers with choices of where to go to the movies. In August 2017, MoviePass began a transformation of the moviegoing industry by introducing its low monthly price subscription service. Since then, others in the industry have followed our lead. Now, as a result of this transformation, movie lovers throughout the United States have the ability to see movies in theaters using subscription services at prices they can actually afford, albeit with limited choices of theaters using those services."
SEC filings indicated that the company's net loss ballooned from $7.4 million in 2016 to $150.8 million in 2017, in no small part thanks to the $10 Hail Mary price hike attempted by the outfit. And while the company says it has formed a new strategic review committee to explore strategic and financial alternatives for the company, that likely means a bargain basement fire sale of the company's remaining assets in short order. There's also still that ongoing NY AG probe into allegations that the company misled investors as to the sorry state of the company's financials.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 17-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



This Week In Techdirt History: September 8th - 14th

Furnished content.


Five Years AgoThis week in 2014, popular websites across the web participated in Internet Slowdown Day to demand net neutrality from the FCC — driving 1,000 calls per minute to Congress at some points, for a total of 300,000 calls plus 2-million emails and 700,000 FCC comments. It also spurred the big cable companies to waste their money on ads misleadingly pretending to support net neutrality themselves.Also this week in 2014, a court ruling gave a big win for fair use and against "hot news", one cab company was extra-angry about Uber and labeled it a cyber-terrorist group, and newly released memos justifying warrantless wiretapping showed crazy levels of executive branch authority.Ten Years AgoThis week in 2009, Hollywood was continuing its zealous war against Redbox by fearmongering about kids renting R-rated movies, the recording industry in Japan was working with the government on a plan to disable phones that are used to listen to pirated music, yet another DVD release of a classic TV show had to replace its music with new generic stuff due to licensing headaches, some ridiculous exaggeration was exposed in the UK's oft-repeated figure of 7-million file sharers, we got a look at the RIAA's copyright propaganda for schools, and there was yet another attempt to turn content into physical property with universal DRM. After all this, it was nice to read a judge eloquently explaining why copyright is not property... all the way back in 1773.Fifteen Years AgoThis week in 2004, the war against spam continued as WiFi spammers got caught and a major spam ISP finally kicked off 148 spammers — but so did the counterattacks, with a lawsuit against the spam blacklist headed to court and everyone bracing for the incoming deluge of election spam, though there was hope that might not be as bad as expected. One strategy that definitely didn't make sense was combating spam by turning email into a walled garden.Meanwhile, a university was trying to ban independent wifi networks with questionable authority, congress was moving forward with a draconian plan to criminalize file-sharing, and we saw the terrible appeals court ruling in Bridgeport v. Dimension that eliminated the de minimis defense for music sampling (even when the sample is completely unrecognizable) and issued the absurd edict "Get a license or do not sample. We do not see this as stifling creativity in any significant way."

Permalink | Comments | Email This Story


Read more here


posted at: 12:00am on 15-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Denmark Releases 32 Prisoners Convicted Because Of Flawed Mobile Phone Tracking Data

Furnished content.


A few weeks ago, Techdirt wrote about Denmark reviewing 10,000 court verdicts because of errors in mobile phone tracking data that was offered as evidence in those cases. At that time, it wasn't clear how many of the group were affected by the unreliable data. However, the Guardian reports that 32 people have already been freed. Given the large number of cases involved, it seems unlikely that many have been reviewed in such a short space of time. If that's the case, it is possible that quite a few more verdicts will be overturned, and more people released. Companies providing mobile phone services in Denmark are naturally keen to distance themselves from this mess. Jakob Willer, speaking on behalf of the country's telecoms industry association, said it was not their job to provide evidence:

"We should remember: data is created to help deliver telecom services, not to control citizens or for surveillance," Willer said. He conceded it could be valuable to police, but insisted its primary purpose was to facilitate communication between users.
That's an important point. If the authorities wish to use this kind of data they need to take into account that it was never designed to track people, and therefore has limitations as evidence. Fortunately, Denmark's embarrassing discovery that an unknown number of over 10,000 verdicts may be based on unreliable evidence has been something of a wake-up call for the country's lawyers. Karoline Normann, the head of the Danish law society's criminal law committee, told Agence-France Presse:
"This situation has changed our mindset about cellphone data. We are probably going to question it as we normally question a witness or other types of evidence, where we consider circumstances like who produced the evidence, and why and how."
It's troubling that it didn't occur to the legal profession to do that before. Just because information comes from high-tech sources doesn't mean it is infallible or that it can't be challenged.Follow me @glynmoody on Twitter, Diaspora, or Mastodon.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 14-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Liverpool FC Fans Plan Protest Of Their Own Club Over Trademark Issue

Furnished content.


It was only a few weeks back that we were discussing Liverpool FC, a soccer team playing in the UK Premier League, attempting to get a trademark for "Liverpool", the city in which it plays. While the club has made a point of reminding the public that its application is quite narrow, limited specifically to products and services revolving around soccer, that same public has pointed out there are both other indpendent soccer clubs in the city that would technically be infringing on that applied-for mark and that there is a culture of independent retailers selling fan gear that would get caught up in this as well. Liverpool FC, meanwhile, maintains that it wouldn't go after either group, but instead are interested only in protecting its fans from mass-makers of counterfeit apparel and the like.Which makes it somewhat strange that it's those very fans that are now organizing a protest against the team for its attempt to trademark the city's name.

Liverpool fans are mobilising again. This time it is not in pursuit of glory or organising a massive trek to watch the men in red. They are protesting against the club, a situation the Kop had hoped was consigned to the past.The Spirit of Shankly Supporters Union (SOS) has called for a show of strength during Saturday’s English Premier League fixture against Newcastle United. A decade ago demonstrations were a regular occurrence.
There's a culture for this sort of thing for the Liverpool FC, it's true. Still, it's not great for the message from Liverpool FC that it's doing all of this for the fans, when it's those same fans that are telling them to knock it off.
It remains to be seen exactly how big this protest is going to be, but it's been clear thus far that the soccer club doesn't have any serious support from the public in this move it says is for that same public. And not only is the everyday Joe Soccer Fan concerned. Even Liverpool's mayor has come out stating concern should Liverpool FC have its trademark approved.
Moore has said these independent operators are not the target of the trademark application. It is “not about local traders, it is about large-scale operations that are flooding the market,” he tweeted. The club will, he suggests, come up with a system that will enable them to continue. That idea creates issues of its own, such as cost and the selection process.These assurances have not been enough to assuage many people within the city, including Joe Anderson, the mayor. SOS have asked fans “to support unique independent businesses by wearing a piece of their merchandise” on Saturday. It is a mild shot across the bows that SOS, with characteristic wit, are calling “Independents Day”.
At this point, it's hard to see how any of this worth the trouble for Liverpool FC. Probably time to just cut your losses, guys.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 14-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



THE Ohio State University Loses Its Trademark Application For 'THE'

Furnished content.


Over the past several weeks, we have been discussing a ridiculous trademark application filed by the Ohio State University for the word "the." This entire episode has been a painful reminder of the fallout of the permission culture that has risen up out of strict IP enforcement and an overly-permissive USPTO. The idea that so common a word could be locked up by a public university for any market designation is, ahem, patently absurd. So absurd, in fact, that even OSU alumnus and college football commentator Kirk Herbstreit thought the whole thing was silly.Still, given the Trademark Office's history of approving far too many absurd trademarks, there were still some holding their breaths awaiting its decision on the application. For now, at least, the USPTO has rejected OSU's application, though not quite as forcefully as it should have.

The USPTO's document lists says it was refused because "the applied-for mark as used on the specimen of record is merely a decorative or ornamental feature of applicant's clothing and, thus, does not function as a trademark to indicate the source of applicant's clothing and to identify and distinguish applicant's clothing from others." Basically this ruling says is that the word wanting to be trademarked cannot just be on the apparel, but has to be part of the marketing and must be on the tag or label as well. Ohio State is not using the trademark properly according to the USPTO, and could reapply if they do begin to label their clothing in a way that goes along with the trademark guidelines.
The decision itself leaves the door open for OSU when it probably shouldn't. Essentially, the USPTO is noting the common word in question only in passing, instead focusing on how OSU is trying to use that word on apparel. Basically, the Trademark Office is saying that the manner in which OSU's application says it's going to use the word "the" isn't distinctive or source-identifying, but says perhaps OSU could prove it actually is in the future.
In appropriate circumstances, applicant may overcome this refusal by satisfying one of the following options:(1)        Submit a different specimen (a verified “substitute” specimen) that was in actual use in commerce at least as early as the filing date of the application (or prior to the filing of an amendment to allege use) and that shows proper trademark use for the identified goods in International Class 25.  Examples of acceptable specimens that show non-ornamental use on clothing include hang tags and labels used inside a garment.(2)        Amend to the Supplemental Register, which is a second trademark register for marks not yet eligible for registration on the Principal Register, but which may become capable over time of functioning as source indicators.(3)        Claim acquired distinctiveness under Trademark Act Section 2(f) by submitting evidence that the applied-for mark has become distinctive of applicant’s goods; that is, proof that applicant’s extensive use and promotion of the mark allowed consumers now directly to associate the mark with applicant as the source of the goods.(4)        Submit evidence that the applied-for mark is an indicator of secondary source; that is, proof that the mark is already recognized as a source indicator for other goods or services that applicant sells/offers.    (5)        Amend the filing basis to intent to use under Section 1(b).  This option will later necessitate additional fee(s) and filing requirements.
It's unclear how much of this is pure boilerplate as opposed to specific guidance by the USPTO for this specific application. I would hope it's the former, because I can't begin to imagine how OSU is going to overcome the refusal on any of those counts, given that we're talking about the god damned word "the." The only reason for any of this nonsense is that alumni football players have tended to go on NFL broadcasts and introduce themselves with an emphasis on the word "the." That's literally it. How such practice could make the word "the" source identifying is pure mystery.Given the derision and blowback, one would hope the Ohio State University would now just go away and stop all of this.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 13-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Encryption Working Group Releases Paper To 'Move The Conversation Forward'

Furnished content.


One of the frustrating aspects of the "debate" (if you can call it that) over encryption and whether or not law enforcement should be able to have any kind of "access" is that it's been no debate at all. You have people who understand encryption who keep pointing out that what is being asked of them is impossible to do without jeopardizing some fairly fundamental security principles, and then a bunch of folks who respond with "well, just nerd harder." There have been a few people who have suggested, at the very least, that "a conversation" was necessary between the different viewpoints, but mostly when that's brought up it has meant non-technical law enforcement folks lecturing tech folks on why "lawful access" to encryption is necessary.However, it appears that the folks at the Carnegie Endowment put together an actual working group of experts with very varying viewpoints to see if there was any sort of consensus or any way to move an actual conversation forward. I know or have met nearly everyone on the working group, and it's an impressive group of very smart, and thoughtful people -- even those I frequently disagree with. It's a really good group and the paper they've now come out with is well worth reading. I don't know that it actually moves the conversation "forward" because, again, I'm not sure there is any conversation to move forward. But I do appreciate that it got past the usual talking points. The paper kicks off by saying that it's going to "reject two straw men," which are basically the two positions frequently stated regarding law enforcement access to encrypted communication:

First of all, we reject two straw menabsolutist positions not actually held by serious participants, but sometimes used as caricatures of opponents(1) that we should stop seeking approaches to enable access to encrypted information; or (2) that law enforcement will be unable to protect the public unless it can obtain access to all encrypted data through lawful process. We believe it is time to abandon these and other such straw men.
And... that's fine, in that the first of those statements is not actually the position those who support strong encryption actually hold. I mean, there have been multiple reports detailing how we're actually in the "golden age of surveillance", and that law enforcement has so much greater access to basically every bit of communications possible, and that there are plenty of tools and ways to get information that is otherwise encrypted. Yes, it's true that some information might remain encrypted, but no one has said that law enforcement shouldn't do their basic detective work in trying to access information. The argument is just that they shouldn't undermine the basic encryption that protects us all to do so.Where the paper gets perhaps more interesting is that it suggests that any debate about access to encrypted data should focus on "data at rest" (i.e., data that is encrypted on a device) rather than "data in motion" which is the data that is being transferred across a network or between devices in some form. The paper does not say that we should poke holes in encryption that protects data at rest, and says, explicitly:
We have not concluded that any existing proposal in this area is viable, that any future such proposals will ultimately prove viable, or that policy changes are advisable at this time
However, it does note that if there is a fruitful conversation on this topic, it's likely to be around data at rest, rather than elsewhere. And, from there it notes that any discussion of proposals for accessing such data at rest must take into account both the costs and the benefits of such access to determine if it is viable. While some of us strongly believe that there is unlikely to ever be a proposal where the costs don't massively outweigh the benefits, this is the correct framework for analyzing theses things. And it should be noted that, too often, these debates involve one group only talking about the benefits and another only talking about the costs. Having a fruitful discussion requires being willing to measure both.From there, the group sets up a framework for how to weigh those costs and benefits -- including setting up a bunch of use cases against which any proposal should be tested. Again, this seems like the right approach to systematically exploring and stress testing any idea brought forth that claims it will "solve" the "problem" that some in law enforcement insist encryption has created for them. I am extremely skeptical that any such proposal can pass such a stress test in a manner that suggests that the benefits outweigh the costs -- but if those pushing to undermine encryption require a "conversation" and want people to explore the few proposals that have been brought up, this is the proper, and rigorous, way to do so.The question, though, remains as to whether or not this will actually "move the conversation forward." I have my doubts on that, in part because those who keep pressing for undermining encryption have never appeared to have much interest in actually having this type of conversation. They have mostly only seemed interested in the "nerd harder, nerds" approach to this, that assumes smart techies will give them their magic key without undermining everything else that keeps us secure. I fully expect that it won't be long before a Willam Barr or Chris Wray or a Richard Burr or a Cy Vance starts talking nonsense again about "going dark" or "responsible encryption" and ignores the framework set out by this working group.That's not so say this wasn't a useful exercise. It likely was, if only to be able to point to it the next time one of the folks listed above spout off again as if there are no tradeoffs and as if it's somehow easy to solve the "encryption problem" as they see it.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 13-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



The NY Times Got It Backwards: Section 230 Helps Limit The Spread Of Hate Speech Online

Furnished content.


A few weeks back, we wrote about the NY Times absolutely terrible front page of the Business Section headline that, incorrectly, blamed Section 230 for "hate speech" online, only to later have to edit the piece with a correction saying oh, actually, it's the 1st Amendment that allows "hate speech" to exist online. Leaving aside the problematic nature of determining what is, and what is not, hate speech -- and the fact that governments and autocrats around the globe regularly use "hate speech" laws to punish people they don't like (which is often the marginalized and oppressed) -- the entire claim that Section 230 "enables" hate speech to remain online literally gets the entire law backwards.In a new piece, Carl Szabo, reminds people about the second part of Section 230, which is what says that websites aren't held liable for their moderation choices in trying to get rid of "offensive" content. Everyone focuses on part (c)(1) of the law, the famous "26 words" that note:

No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.
But section (c)(2) is also important, and part of what makes it possible for companies to clean up the internet:
No provider or user of an interactive computer service shall be held liable on account of
(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected; or
(B) any action taken to enable or make available to information content providers or others the technical means to restrict access to material described in paragraph (1)
That part was necessary to respond to (and directly overrule) the ruling in Stratton Oakmont v. Prodigy, in which a colorful NY judge ruled that because Prodigy moderated its forums to keep them "family friendly," it was then legally liable for all the content it didn't moderate. The entire point of 230 was to create this balancing carrot and stick, in which companies would have incentive both to allow third parties to post content but also to make their own decisions and experiment with how to moderate.As Szabo notes, it's this part of (c)(2) that has kept the internet from getting overwhelmed by spam, garbage and hate speech.
Section 230(c)(2) enables Gmail to block spam without being sued by the spammers. It lets Facebook remove hate speech without being sued by the haters. And it allows Twitter to terminate extremist accounts without fear of being hauled into court. Section 230(c)(2) is what separates our mainstream social media platforms from the cesspools at the edge of the web.[....]While some vile user content is posted on mainstream websites, what is often unreported is how much of this content is removed. In just six months, Facebook, Twitter, and YouTube took action on 11 million accounts for terrorist or hate speech. They moderated against 55 million accounts for pornographic content. And took action against 15 million accounts to protect children.All of these actions to moderate harmful content were empowered by Section 230(c)(2).
What isn't mentioned is that, somewhat oddly, the courts have mostly ignored (c)(2). Even in cases where you'd think the actions of various internet platforms are protected under (c)(2), nearly every court notes that (c)(1)'s liability protections also cover the moderation aspect. To me, that's always been a bit weird, and a little unfortunate. It gets people way too focused on (c)(1), without realizing that part of the genius in the law is the way it balances incentives with the combination of (c)(1) and (c)(2).Either way, for those who keep arguing that Section 230 is why we have too much garbage online, the only proper response is that they're wrong. Section 230 also encourages platforms to clean up the internet. And many take that role quite seriously (sometimes too seriously). But it has resulted in widespread experimentation on content moderation that is powerful and useful. Taking away Section 230's protections, or limiting them, will make it that much more difficult.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 12-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



USPTO Gets One Right: Refuses To Allow Farmers Market To Trademark City's Nickname

Furnished content.


We don't spend a great deal of time here patting the USPTO on the back for getting things right, but occasionally the agency surprises us. When it comes to trademarks being granted for city or town names, the Trademark Office has a higher bar for approval but is still far too permissive. When it comes to widely used nicknames for cities and towns, the Trademark Office's rubber-stamp methods have caused issues. The point here is that, whether its a city's name or nickname we're talking about, neither are good source identifiers, given both their wide use and the fact that both serve as geographic descriptors.But, again, sometimes the Trademark Office gets things right. Such is the case with Soda City Market, a farmer's market organization in Columbia, SC, that applied for a trademark on its name.

The U.S. Patent and Trademark Office has given the company that runs the popular Saturday market an initial refusal to its patent application. One of the cited objections by the office: Soda City now is a common nickname that cannot really be trademarked, like the name of a city itself.Another issue raised by the trademark office: there’s another potential trademark out there that was filed for earlier.Soda City FC, a semi-professional soccer team, had filed earlier to trademark its name, creating the potential for a conflict. Its bid also has received preliminary objections from the trademark office.
This is the right response on both counts. We've seen issues in the past when city names and nicknames are approved for trademark even in very specific markets, such as soccer clubs. To allow entities to lock up such a commonly used phrase, which also is geographic in nature, is practically begging for conflict. As for the farmer's market, it applied for its mark in market designations such as "public events", which, hoo-boy if that had been approved.Now, the farmer's market could appeal the decision, but it sure seems like that would be more trouble than it's worth. Why the market felt the need for trademark protection on such a generic name in the first place is beyond me.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 12-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



The Internet Remains Broken In The Ninth Circuit And, At Least For Now, The Third

Furnished content.


Hopes that the Ninth Circuit would correct its earlier awful ruling against HomeAway and Airbnb were dashed recently when the court denied the petition for rehearing. We had supported that petition because the original decision read in an exception to Section 230's statutory protection that is not present in the statute, is out of step with prior precedent (including in the Ninth Circuit itself), and threatens the Internet economy. Unfortunately, now that rehearing has been denied, any platform that facilitates commercial speech, and whose revenue model depends on facilitating the transactions arising from commercial speech, will no longer be able to reliably depend on Section 230's protection, at least not in the Ninth Circuit.It also remains vulnerable in the Third. The Oberdorf v. Amazon case allowed a products liability claim to proceed against Amazon based on Pennsylvania law. Subsequently, a district court in New Jersey - a state within the Third Circuit, for which the Oberdorf would be binding precedent - decided to allow a similar products liability claim to proceed against Amazon based on New Jersey law, finding that, under its relevant statute, Amazon is a "seller" for purposes of its products liability law.All these decisions are troubling, and the New Jersey one pointedly illustrates why. Not only does this decision incorporate the same analytical defects as the previous decisions, but it also reflects how all the ignorance about and hostility toward Section 230 of late has been infecting the courts.As we explained before, all these decisions look past these platforms' role as an enabler of other people's speech. In the case of Amazon, it is other people who say they have something to sell. Denying these platforms Section 230 protection for this sort of user speech means that few, if any, platforms will be able to remain available to facilitate similar commercial speech offering something to sell. Before cheering how this state of affairs might hobble Amazon, however, bear in mind that it will hobble ANY platform that offers independent merchants a chance to offer their goods to a wider audience - including platforms that might be able to compete with Amazon. The more distaste we have for large, incumbent market players, either as platforms or even direct merchants, the more this turn of events should alarm us, because it will ensure we remain stuck with the ones who are already well-capitalized enough to endure this liability minefield and prevent us from getting any new ones.In most of these cases the courts tried to pretend that there is something different about Amazon's relationship with third party vendors that should put them on the hook for their liability. In this case, the New Jersey court didn't like that Amazon fulfilled orders, or otherwise reserved the right to exercise editorial control over the listings it hosted.

It is true that the agreements did not make Amazon the ultimate decisionmaker as to the prices or physical qualities of the product. As to the sale process, however, the level of control was greater. For example, Amazon processed all payments. [The seller] was required to provide information about its product in the manner that Amazon prescribed. Amazon exercised control over the listing itselfin particular, it retained the right to change, suspend, prohibit or remove listings. If notified that a product was defective, Amazon had the power to take it off the shelf, i.e., to remove the website listing and thereby shield innocent consumers. Under the EBA program, Amazon even had the right to dispose of products that were defective. Compare Oberdorf in which the vendor did not use Amazon's fulfillment services, so Amazon never physically possessed or shipped the product. Not so here. The vendor in our case signed the FBA and used the fulfillment services, so Amazon physically took custody of, packaged, and shipped the scooter which injured the plaintiff. [p. 26]
The above paragraph shows how a significant problem with this decision is how the court seriously overestimates just what sort of "control" Amazon actually has over the products sold through it. In reality there is no practical way for Amazon to police all the listings for all goods that all its users try to sell. The court confused Amazon's efforts to contractually reserve the right to try to police the listings anyway, which is exactly the sort of policing that Section 230 tries to encourage, with the actual ability to police each and every listing, which is functionally impossible. Just as Amazon could not possibly police all of its user reviews, and Section 230 exists to relieve them from the burden of this impossible task by shielding them from liability arising from these reviews, it could not possibly police all of its listings either, and so Section 230 should similarly insulate them from liability from this form of user expression too. Courts have been wrong to deny them this statutory protection, and especially so when this denial has been based on the unfounded and erroneous assumption that all this policing was something a platform could actually do.Meanwhile, the fact that these decisions each quibble over the definition of "seller" under each individual state's law, on their way to deciding whether transactional platforms like Amazon should be liable for problems with their users' content, is itself further evidence that this sort of judicial inquiry should have been barred by the statute entirely. One of Section 230's most important provisions is its preemption provision, which forbids any state or locality from mucking about with its local law in a way that interferes with the reliable protection Section 230 is supposed to provide any online service provider, whose services are inherently available across the nation. It's easy to understand that this provision means that states can't change their definition of "defamation" in order to make a platform become liable for user content. But courts seem to be struggling to recognize that this provision should apply to any other state that would seek to make a platform liable for something wrong in their users' content (in this case the offer to sell a defective product). Allowing platforms' liability to hinge on the specific drafting of these state laws turns Section 230's protection into something inconsistent and provincial, instead of predictable and therefore useful, as Congress had intended.The New Jersey decision did not blaze new ground here, however; it ended up being fairly consistent with the Oberdorf decision that preceded it. But it is notable for its candid hostility toward, and, dare I say, ignorance about, Section 230. In particular, in a chilling footnote, it dismissed Professor Jeff Kosseff's well-researched book, "The Twenty-Six Words That Created the Internet," and instead cited one of the completely fictional diatribes recently published in the New York Times as one of its sources underpinning its erroneous belief in the limits of Section 230.
I am not oblivious to the context or the stakes here. It has been said that the twenty-six words of Section 230 of the CDA, enacted in 1996, made e-commerce itself economically feasible by permitting platforms such as Amazon.com to match sellers with buyers without taking on the seller's liabilities. See, e.g., J. KOSSEFF, The Twenty-six Words that Created the Internet, Cornell University Press (2019). It would perhaps be more sober and accurate to say that the twenty-six words of Section 230 promoted or facilitated important aspects of the internet as we now know it. A recent New York Times article, to pick an example almost at random, is a useful backgrounder on Section 230's evolution as a tool for promotion of e-commerce (whether sly or serendipitous depends on your point of view). https://nvw.nytimes.com/2019/08/06/technology/section-230-hate-speech.html The article notes that political leaders as ideologically diverse as House Speaker Nancy Pelosi (D-CaI) and Senator Ted Cruz (R-Tex) have publicly criticized Section 230 as a giveaway to the tech industry, and have raised the possibility of reform or abolition. [fn. 18]
The court does go on to say that it was only crediting the animus against Section 230 insofar as it applied to e-commerce.
These e-commerce issues are to be distinguished. however, from others that are driving the current debate, such as Section 230's grant of immunity for speech-based harms such as hate speech or libel. Id.; see also Reno v. ACLU, 521 U.S. 844 (1997). [id.]
But this clarification is hardly reassuring. Not only does it ignore that commercial speech is inseparable from any other sorts of expression Section 230 reaches, but if the court was in any way relying upon this ignorant media coverage, which almost universally misunderstand the purpose, value, and mechanics of the statute, then no wonder it felt comfortable ignoring them itself in gutting this critical statutory protection.Fortunately, the one bit of tentative good news is that, unlike the Ninth Circuit, the Third Circuit has now granted rehearing of its Oberdorf decision. And, as a result, the district court in New Jersey has stayed the effect of its own decision, pending that reconsideration. Hopefully on further review the Third Circuit will be able to recognize how Section 230 is supposed to apply to even these transactional platforms, and the importance of not interfering with this operation.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 11-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Tales From The Platform Wars: Steam Dev Says Calling 'Metro Exodus' Epic Exclusive Unfair Wasn't Intended To Incite

Furnished content.


With us now getting on into nearly a year of the new PC gaming platform war between Valve's Steam platform and the Epic Store, you might have forgotten how this all got kicked off. Before Epic pulled a Healthcare.gov with its platform release, and before crowdfunding efforts to fund PC games began taking a hit, and even before this whole thing transformed into mostly a PR war being fought with the PC gaming fanbase, there was Metro Exodus. The game was the first major title to announce an Epic Store exclusive deal for 6 months and that announcement came shortly after the game also became available for pre-order on Steam. This, understandably, pissed off a great many people. Including, it seems, the folks at Steam, who put out a statement on the game's page. The results were as predictable as the sun rising in the East.

On Monday, the latest game in the series, Metro Exodus, became an Epic Games Store exclusive, prompting Valve to call the sudden departure “unfair to Steam customers.” For some Steam users, that’s served as a rallying cry.  This has led to sustained outcry in the form of everything from review bombs of previous series entries Metro 2033 and Metro: Last Light to irate comments on every possible social media post associated with the game.
The review-bombing kicked off almost immediately and continued for days. And not just on that game's page, but on game pages for other Metro titles. Then, as other games went Epic exclusive, the review bombing continued, even after Steam put some tepid efforts in place to remove such review-bombs that were not relevant to the game itself.Again, this was entirely predictable. Valve isn't made up of stupid people and this was widely seen as an effort to weaponize the Steam community to punish game publishers that chose to go with Epic. It's difficult to see it as anything else. That hasn't stopped some folks at Steam from trying to pretend otherwise, however.
Speaking to Kotaku during a Valve event in Seattle last week, Steam business developer and designer Nathaniel Blue said the company did not intend to legitimize the outsized backlash to Metro Exodus’ Epic store exclusivity when it put a comment on that Steam page. The use of the word “unfair,” he said, was meant to reference the timing of the announcement rather than the entire concept of exclusivity.“I don’t think that was our intent to upset people,” Blue said. “It wasn’t the intent of the message. It was more about the timing. The game was about to launch, and then it was [exclusive to the Epic store]. So that was the only goal of that. What came out of that was not what we expected. It wasn’t meant to be this lightning rod.”
The integrity of this specific developer aside, this is flatly unbelievable. The best that could be said here is that the entirety of the Valve team that had any hand in posting the message to the Metro Exodus was laughably out of touch with the gaming community. Frankly, that's not something I would want to be admitting to if I were Valve. More likely is that Valve knew exactly what it was doing, but perhaps didn't expect the backlash to be quite so severe. So severe, in fact, that it created problems for Steam devs themselves, who suddenly had to figure out how to combat these review-bombs to save face with the gaming industry as a whole.It is worth noting here that Valve has refrained from commenting similarly on any other Epic exclusives.
“I don’t know that we’d go back in time and change it necessarily, but I can say that in the future we didn’t say anything,” he said. “In the future we didn’t continue to do that because our goal is not to upset the community or light anyone’s hair on fire. Our goal is to get developers close to customers, have a really valuable place for people to play games, and stay focused on that.”
There is plenty of room for disagreement on what Epic's entry into the marketplace, and its specific tactics, means for the gaming industry as a whole. That being said, this claim by Valve doesn't ring true.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 11-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Investigation Uncovers Mass Purging Of Phoenix Police Department Misconduct Records

Furnished content.


There's nothing about American policing that police unions can't make worse. A powerful obstacle standing in the way of accountability and transparency, police unions ensure Americans remain underserved by their public servants.Police unions have defended such things as tossing flashbang grenades into rooms containing infants and the elimination of drug testing for officers. They've repeatedly tried to thwart legislation that would provide more public access to police misconduct records and have often verbally attacked anyone who questions the actions of law enforcement.What they're best at doing is tipping the scale in favor of bad cops. Apparently laboring under the pretense that even a bad cop is a better person than anyone not wearing the blue, unions effectively neutralize oversight by ensuring city and state agencies cannot easily access discipline records. Then they go further, preventing even the police from policing themselves.Justin Price's report on the whitewashing powers of the Phoenix (AZ) PD's union contract is a jaw-dropping read. But it's not an anomaly. There are contracts like this in place all over the nation. But AZ Central's investigation shows just how much has been swept under the rug to "protect" cops from the people they serve.

Phoenix Police Sgt. Philip Roberts was suspended from the force for 30 days after an internal investigation concluded he failed to properly manage a 2015 incident where officers shot and killed a mentally ill man.Lt. Dalin Webb received a written reprimand for his 2013 arrest on domestic violence charges in which he reportedly shoved his wife and choked his teenage son.Officer Joshua Wayne Beeks was suspended for 15 days when the Department discovered he was involved in three unauthorized high-speed pursuits in a single year that killed two people.But there's little indication in Phoenix Police Department personnel and internal investigations records that those officers were ever disciplined.That's because Roberts, Webb and Beeks, like hundreds of other Phoenix police officers in recent years, were allowed to erase records of their misconduct from files kept by the Police Department.The practice, which the Department refers to as "purging," has been standard for more than two decades under the police union's contract, but the public has been unaware of it.The contract also prohibits misconduct detailed in the purged records from being considered in future disciplinary investigations or performance evaluations.
If the goal is to keep bad cops employed indefinitely, it's been super-effective. Over 500 of the city's 3,000 officers have had their pasts memory-holed by the union contract, covering over 600 misconduct incidents ranging from failure to complete reports to deployments of excessive force.The purging prevents even internal investigators from discovering patterns of misconduct that should result in harsher discipline or termination. It also prevents plaintiffs suing officers over violated rights from obtaining key background info that could indicate an officer is a longtime abuser of citizens. In one case cited in Price's report, the PD began purging an officer's records as soon as the officer had been served.The lack of a paper trail results in things like this happening:
Purged records don't appear in a file review.Those records also don't show up during annual performance evaluations.Officer Kevin McGowan, for example, earned top marks in his 2015 evaluation despite being disciplined for serious misconduct during the previous year.An internal investigation concluded McGowan used excessive force when he stomped on an 18-year-old man’s neck, driving his face into the tile floor of a convenience store and knocking out three of the man's teeth.The incident was captured in surveillance footage taken from the store.
McGowan was initially fired, but the union interceded and he ended up with only a 30-day suspension. A few years later, the disciplinary files were purged, resulting in this cop being commended for being such a great cop. Phrases like "positive attitude" and "community contributor" were tossed around by supervisors unaware of McGowan's recent past.AZ Central's investigation involved comparing the list of disciplinary files sent to the city's Human Resources Department by the Fiscal Management Bureau with the list of misconduct records maintained by the PD's Professional Standards Bureau. What's considered to be an officer's "permanent record" is maintained by the city's HR department. "Maintained" is definitely overstating things.
By cross-referencing the two sets of records, The Republic identified hundreds of disciplinary cases that had been hidden from internal affairs and the Department's leadership.Over five years, records of 90% of all sustained misconduct investigations had been erased.
Some of these records are supposed to be maintained for at least five years, according to the contract language. But AZ Central found multiple cases where files had been memory-holed ahead of schedule. Files detailing incidents that resulted in suspensions of over 80 days are never supposed to be purged, but the investigation discovered many of those were missing as well.The PD explains away all this opacity by saying it increases officer morale. And of course it would. Many employees in many different fields would feel better about themselves and their jobs if they knew their misconduct would never be used against them. But the PD doesn't serve itself. Or at least, it shouldn't. It serves the public. And nothing about this union contract shows any concern about the public or its morale.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 10-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



How The Cyber Insurance Industry's Bottom Line Is Fueling Ransomware

Furnished content.


The past decade or so has seen an explosive upward trend for the cyber insurance industry. Given the rise of malware, particularly of ransomware, it's perhaps not surprising that an insurance market sprouted up around that reality. It's gotten to the point that those of us who's day to day business is managing client networks in the SMB space are now regularly fielding requests for how to obtain cyber insurance.But when you begin to dig into how that industry operates and the methodology by which it advises its clients, it becomes quickly apparent that the cyber insurance industry itself is fueling the growth in ransomware attacks worldwide. ProPublica has a long and fascinating post on the topic, first discussing a real world example concerning a municipality that was hit with ransomware, attempted to resolve this on its own through restoration of backups, but ultimately was advised by its cyber insurance partner to pay the ransom. In doing so, the municipality was out only its $10k deductable, while the insurance company paid out over $400k to the attacker. This was seen as a good deal for the municipality.But was it? It turns out that the IT department for the city was putting together a restoration plan. That plan would take time to implement, require the involvement of outside consultants, and would require overtime work by the IT staff. All of that, of course, would be paid for by the cyber insurance company if the city went down that path. Instead, the ransom was paid.This highlights two troubling trends in the cyber insurance industry. The first trend concerns how insurance companies advise their clients when attacked... and why they advise them in the way they do.

A spokesperson for Lloyd’s, which underwrites about one-third of the global cyber-insurance market, said that coverage is designed to mitigate losses and protect against future attacks, and that victims decide whether to pay ransoms. “Coverage is likely to include, in the event of an attack, access to experts who will help repair the damage caused by any cyberattack and ensure any weaknesses in a company’s cyberprotection are eliminated,” the spokesperson said. “A decision whether to pay a ransom will fall to the company or individual that has been attacked.” Beazley declined comment.Fabian Wosar, chief technology officer for anti-virus provider Emsisoft, said he recently consulted for one U.S. corporation that was attacked by ransomware. After it was determined that restoring files from backups would take weeks, the company’s insurer pressured it to pay the ransom, he said. The insurer wanted to avoid having to reimburse the victim for revenues lost as a result of service interruptions during recovery of backup files, as its coverage required, Wosar said. The company agreed to have the insurer pay the approximately $100,000 ransom.
Examples of this abound throughout the rest of the post. Essentially, the insurance company simply calculates what will be the more expensive payout for the insurer: the ransom or the cost of recovery? If the cost of the ransom is less, the insurance company advises, and sometimes pressures, the client to decide to pay the ransom. This can often times look like the better option, as recovery from malicious disaster is time-consuming and comes without the assurance that a full recovery is even possible. What's a $10k deductible compared with a city's systems being down for two weeks? This can seem like a win for the insuree, or at least the most mitigated loss possible.The problem is what this does throughout the rest of the world, which is troubling trend number two.
As insurance companies have approved six- and seven-figure ransom payments over the past year, criminals’ demands have climbed. The average ransom payment among clients of Coveware, a Connecticut firm that specializes in ransomware cases, is about $36,000, according to its quarterly reportreleased in July, up sixfold from last October. Josh Zelonis, a principal analyst for the Massachusetts-based research company Forrester, said the increase in payments by cyber insurers has correlated with a resurgence in ransomware after it had started to fall out of favor in the criminal world about two years ago.One cybersecurity company executive said his firm has been told by the FBI that hackers are specifically extorting American companies that they know have cyber insurance. After one small insurer highlighted the names of some of its cyber policyholders on its website, three of them were attacked by ransomware, Wosar said. Hackers could also identify insured targets from public filings; the Securities and Exchange Commission suggests that public companies consider reporting “insurance coverage relating to cybersecurity incidents.”
To some degree, this happens whenever insurance is introduced into a specific market. Nefarious actors recognize how insurance companies calculate their decision making and react accordingly. Now that cyber insurance is commonplace, and given that those insurance companies very often recommend paying malware ransoms, there are more attacks asking for more money more often.The cyber insurance companies, in the interest of maximizing income and minimizing payouts on their own policies, are actually fueling the ransomware industry. You might guess that the industry would see this as a problem. Given the data, however, it's likely that the increase in attacks the insurance industry is fueling ultimately benefits the cyber insurance industry.
Driven partly by the spread of ransomware, the cyber insurance market has grown rapidly. Between 2015 and 2017, total U.S. cyber premiums written by insurers that reported to the NAIC doubled to an estimated $3.1 billion, according to the most recent data available.
That reads like a classic case of causing the problem for which you sell the cure. Nobody is suggesting that cyber insurance companies are doing this on purpose, of course, but that is indeed the practical effect.The real problem is that all of the incentives are wrong here if the ultimate goal is less ransomware. Fortunately, there will come a point where diminishing returns for the industry will incentivize it to try to reduce attacks. That's why, as the post notes, the best solutions for how to prevent ransomware attacks may well end up coming from the insurance industry itself.But in the meantime, ransomware continues to grow and grow, supercharged by the profit and loss needs of the industry that's supposed to oppose it.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 10-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



This Week In Techdirt History: September 1st - 7th

Furnished content.


Five Years AgoThis week in 2014, police in the UK were threatening domain registrars and abusing anti-terror laws to snoop on journalists (while keeping mum about just how often they do so), while the Culture Secretary was demanding that search engines magically stop piracy. Artist deadmau5 was embroiled in two crazy IP battles — one in which Ferarri was trying to block the sale of his decorated car, and another in which Disney was trying to block his attempt to trademark his logo (even as he discovered the company had been pirating his music). In Australia, a movie studio was comparing piracy to pedophilia and terrorism while ISPs were getting sued for wanting court orders before blocking websites. And the IFPI issued an especially bogus takedown notice demanding Kim Dotcom take his own album down from his own website.Ten Years AgoThis week in 2009, the Canadian recording industry was mobilizing in Toronto to push bad copyright ideas, the especially bad idea of a music tax was rearing its head yet again, Hollywood was making another attempt to start using selectable output control to block DVRs, and the UK IP Minister was defending kicking people off the internet. Both the new USPTO head and the Commerce Secretary were calling for more patents, approved faster — I guess like the insane one they granted saying that you can patent the idea of using precisely three knowledge bases to diagnose medical diagnostic decisions — while we got another example of the US's pressure on China to adopt a patent system turning around and biting it. But one of the worst ideas came from Microsoft's patent boss, who was calling for globalization of the patent system.Fifteen Years AgoThis week in 2004, outgoing MPAA boss Jack Valenti was continuing to misunderstand and misrepresent the digital word right up to the wire of retirement, while his incoming replacement Dan Glickman got off to a worrying start with a speech praising and defending Valenti's words and the export of the DMCA to Australia. Over at the RIAA, Mitch Glazier was still pushing the "sue everyone" angle, the INDUCE Act got a mostly-cosmetic update, and the downloadable music store market was still a mess. We did get one very important ruling though, with the Court of Appeals upholding the decision that it's not a DMCA violation to create third-party garage door openers, though the precedent it set was murky and not as clear-cut as one might have hoped.

Permalink | Comments | Email This Story


Read more here


posted at: 12:00am on 08-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



A New 'Taco Tuesday' Trademark Challenger Approaches: LeBron James

Furnished content.


As we've previously discussed, restaurant chain Taco John's has waged at least a decades-long war to try to pretend that its trademarked term, "Taco Tuesday," hasn't become generic. How the chain ever got what sure looks to be a purely descriptive trademark is anyone's guess, but armed with its trademark the company has since gone after other restaurants big and small for daring to host their own "Taco Tuesdays." If all of this sounds depressingly stupid to you, well, you're not wrong.You really would think the convergence of trademarks and tacos eaten on Tuesday couldn't get any dumber, except here comes LeBron James. Some background is probably in order. See, LeBron loves tacos. So much so, in fact, that he tends to eat them on many Tuesdays, all while Instagramming his family doing so and affecting a Hispanic accent while shouting about how much he loves Taco Tuesdays. That would have been only mildly interesting at best, except that LeBron's company has now decided to try to trademark the phrase. Side note: The New York Times should really be better about conflating copyright and trademark law, as you will see below.

On Aug. 15, a company called LBJ Trademarks LLC filed a request with the U.S. Patent and Trademark Office on behalf of Mr. James to copyright “Taco Tuesday.” The company seeks protection for use of the phrase in a host of forums, including “downloadable audio/visual works,” podcasts, social media, online marketing and “entertainment services.” USA Today first reported on the request this weekend.
There are layers of dumb here. First, it seems unlikely that Taco John's, wielding its own "Taco Tuesday" trademark, wouldn't be able to claim some level infringement in at least some of these market designations, even assuming the company doesn't have valid trademark registrations in those categories of its own. But, again, the fact that Taco John's has those trademarks on a descriptive phrase like "Taco Tuesday" is itself stupid. And, circling back to LeBron, the idea that he would take a phrase already-coined and famous, that he then simply shouted into social media, and then lock it up in a variety of markets is compounding the stupidity.But just to add a bit more to this, LeBron's spokesperson basically torpedoed any chance his company has of getting this trademark approved with the following comment.
“The filing was to protect the company from potential lawsuits should we decide to pursue any ideas, nothing of which is in development,” a spokesman for Mr. James said this week on (taco) Tuesday. “It has nothing to do with stopping others from using the term.”
"Should we decide to pursue any ideas, nothing of which is in development" might as well say, "We're not using this in commerce and don't have any plans to." Trademark law requires that the applied for mark be actively used or planned to be used in commerce, or else you don't get the trademark. Defensive marks like this simply aren't a thing. If the USPTO is made aware of the spokesperson's comments, it would be insane to approve this mark.Meanwhile, the whole Taco Tuesday trademark thing probably needs to just be invalidated to begin with.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 07-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Cops Digitally Erase Suspect's Facial Tattoos To Make Him Look More Like The Robbery Suspect Caught On Camera

Furnished content.


When the police have already decided who they like for some unsolved crime, almost nothing will stop them from getting their man. Investigations are supposed to involve investigating. But when a handful of tipsters said a black man robbed a bank, the Portland PD went to work trying to pin four bank robberies on one man. (via Simple Justice)The problem with this man was his list of distinguishing features. He had several -- all as plain as the tattoos on his face. (All photos via court documents.)

That's Tyrone Lamont Allen's booking photo. This is an image of the suspect captured by a bank's security system.
The first thing that jumps out of this photo is the lack of things that jump out. No tattoos on the face capture by bank cameras. Plenty of tattoos on the "suspect" the Portland police decided to arrest. But at least investigators did a little footwork first. And a little Photoshop work as well.Here's the photo they used of Allen in lineups shown to bank tellers at robbed banks.
Yeah, that's Tyron Allen -- minus everything that makes him distinctively Tyrone Allen. This is what the Portland PD did to steer witnesses into handing them the suspect they wanted to arrest.
[W]hen Portland police suspected Allen was involved in four bank and credit union heists, and none of the tellers reported seeing tattoos on the face of the man who robbed them, police digitally altered Allen’s mugshot.They covered up every one of his tattoos using Photoshop.“I basically painted over the tattoos,’’ police forensic criminalist Mark Weber testified. “Almost like applying electronic makeup.’’Police then presented the altered image of Allen with photos of five similar-looking men to the tellers for identification. They didn’t tell anyone that they’d changed Allen’s photo.Some of the tellers picked out Allen.
All of this came out in court, leading to a large number of lawyers and laypersons alike to say WTF. Allen's lawyer said the police basically "rigged the outcome" of the photo lineup. He's not wrong. But his client is not the first person this has happened to. Rigging lineups is a cop tradition. The only distinctive feature of this one is the use of Photoshop to remove distinctive features.Now, as Scott Greenfield points out, someone with a lot of facial tattoos and a predilection for bank robberies might realize those two qualities aren't a good mix. Allen could have altered his appearance so no teller would tell cops "look for the guy with all the face tattoos." (Reminder: none of the tellers told the cops to look for a guy with a lot of face tattoos.) But that would only have made Allen memorable for other reasons.
If a guy wanted to rob a bank, knowing he had rather unique facial characteristics that would make him very easy to ID, he could “sanitize” his appearance with makeup. But upon closer scrutiny, the theory has a flaw: the amount of makeup necessary to cover up Allen’s facial tats would itself have become an identifying characteristic. Even assuming he was highly skilled in the application of makeup, it would require so much makeup to accomplish a complete cover-up that the description would have been “guy in baseball cap, glasses and face covered in makeup.”
Having been caught implying all black guys look alike if you remove the stuff that makes them individuals, the government is now actually arguing that this is no different than digitally removing the hat and glasses the suspect in the camera footage is wearing. Altering photos is apparently "standard practice among investigators," according to Detective Brett Hawkinson, an 18-year veteran of altering lineup photos and the lead investigator on this case. He's the one who gave the orders to digitally delete Allen's tattoos before putting his face in the PD's photo lineup.Yes, this is standard practice. The lead investigator could name no official policy instructing cops to remove distinctive facial features from lineup photos, but of course there wouldn't be. It's an unofficial "standard practice" -- things cops do because of the gaping void where honesty and accountability should be. No one says this is how things should be done. But this is how things are done.This incident was particularly egregious. And it came out in court. Now more people are finding out exactly what law enforcement agencies mean when they use the word "investigation." It's rarely a search for unknown criminal suspects. More often, it's cops working backwards from foregone conclusions. This is ugly and cheap and the antithesis of the image law enforcement likes to present to the public: the good guys fighting the good fight. They're fighting dirty and they like easy wins and easy days as much as anyone in the private sector. If the corner you have to cut is the distinguishing features that would rule out your favorite suspect, so be it.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 07-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Judge Orders White House To Restore Reporter's Press Pass It Illegally Removed

Furnished content.


Just a few weeks ago, we wrote about how the White House was clearly setting itself up for another embarrassing failure in court when it removed the press pass of Brian Karem. This wasn't new. The same thing had happened a year ago. And yet, our comments filled up with a lot of nonsense about how we were wrong and "there is no right to a White House press pass" and a bunch of other nonsense.I'll be curious to hear the response from those same individuals now that a federal judge has ordered the press pass restored.

As the Court will explain below,Karem has, at this early stage of the proceedings, shown that he is likely to succeed on this dueprocess claim, because the present record indicates that Grisham failed to provide fair notice ofthe fact that a hard pass could be suspended under these circumstances. Meanwhile, Karem hasshown that even the temporary suspension of his pass inflicts irreparable harm on his FirstAmendment rights. The Court therefore grants Karem's motion for a preliminary injunction andorders that his hard pass be restored while this lawsuit is ongoing.
The court focuses mainly on the 5th Amendment due process claims, noting that those alone suffice to show that Karem is correct here. The judge goes into great detail about how the White House never did anything to suggest special decorum rules for these events, and thus the decision to ban Karem was arbitrary. The White House brought up all sorts of bizarre explanations insisting that it had provided adequate notice to Karem, but the judge points out that's just not true.
First, the letter's language, taken in its entirety, is ambiguous as to whether the WhiteHouse even intended to regulate events other than formal press conferences. Indeed, byexpressly limiting the scope of the promulgated rulesincluding the warning about thesuspension or revocation of . . . hard pass[es]to formal press conferences, the White Housearguably suggested that it was not going to police reporter behavior at other events, unlessunprofessional behavior occur[red] and it was forced to reconsider [its] decision bypublishing explicit rules.
Also, whatever "rules" there might have been were way too vague:
Theletter refers only to professional journalistic norms, Acosta Letter at 2, which is just asamorphous as the reasons for security language that the D.C. Circuit found insufficient inSherrill, 569 F.2d at 130. Though professionalism has a well-known common meaning, it isinherently subjective and context-dependent. Such abstract concepts may at times indicate whatis allowed and disallowed at the furthest margins, but they do not clearly define what isforbidden or permitted in common practice within those margins. The vagueness doctrine guardsagainst this danger by ensuring that regulated parties are able to discern, as a practical matter,what is required of them so they may act accordingly. Fox, 567 U.S. at 253.
The judge also notes that Karem's lawyers presented plenty of evidence of obviously much worse behavior that did not lead to press pass revocation:
Defendants appear to argue that, even if the meaning of professionalism may bedebatable in certain instances, Karem's behavior was clearly unprofessional in this instance.This contention appears to be grounded in the notion that a plaintiff who 'engages in someconduct that is clearly proscribed cannot complain of the vagueness of the law as applied to theconduct of others.'... Again, though, professionalism is context-dependent, and Karem has provided some evidence that WhiteHouse press events are often freewheeling and that aggressive conduct has long been toleratedwithout punishment. That evidence includes a characterization of the White House press corpsas an unruly mob of reporters. Ex. C at 5. It includes stories of how journalists have rudelyinterrupted presidents and berated press secretaries, Ex. D at 1; have breach[ed] etiquetteby heckling during presidential remarks, Ex. I at 1; and have shouted questions at theconclusion of Rose Garden events, drawing the ire of honored guests in attendance, see Ex. E at2; Ex. C at 4. The evidence even includes an account of how two reporters once engaged in ashoving match over positions in the briefing room. Ex. C at 5. This kind of behavior may haveoccasionally led the White House to speak with reporters' employers... but it apparently never resulted in the revocation or suspension of a hard pass.... And, as noted above, the Acosta Letter does notunambiguously signal a departure from that regime. In fact, the letter could reasonably be readto mean that the pre-existing regime would be maintained for the time being.Defendants, meanwhile, have submitted no evidence in support of their contention thatKarem's conduct was clearly proscribed under the existing professionalism policy. They instead rest entirely on Grisham's August 16 letter and its conclusions that Karem's actions, asviewed by a reasonable observer, (1) insulted invited guests of the White House, (2) threatenedto escalate a verbal altercation into a physical one to the point that the Secret Service deemed itprudent to intervene, and (3) re-engaged with . . . Gorka in what quickly became aconfrontational manner while repeatedly disobeying a White House staffer's instruction toleave. Ex. 10 at 8. But in light of the evidence that Karem has presented the first and thirdconclusions do not seem clearly sanctionable in the context of the White House press corps.And the second conclusion is not supported by the various video recordings of the July 11incident. No doubt, Karem's remark that he and Gorka could go outside and have a longconversation, id. at 3, was an allusion to a physical altercation, but the videos make clear that itwas meant as an irreverent, caustic joke and not as a true threat. And the videos belie the notionthat a Secret Service agent had to intervene to prevent a fight: the agent walks right past Karemas the exchange with Gorka is concluding (before returning upon hearing someone call Karem apunk ass). See Ex. 63 at 0:30-0:36; Ex. 61 at 0:23-0:27. Rather, Karem and Gorka each hadample opportunity to initiate a physical altercation, and they each made the decision not to.4Plus, Karem's interaction with Gorka in the Rose Garden was briefabout twenty seconds, seeEx. 63 at 0:09-0:31and it came after the President's remarks had concluded. This event wasalso one where jocular insults had been flying from all directions.... There is no indication in therecord that other offenders were reprimanded, or even told to stop.
The court notes that it need not really get into the 1st Amendment arguments, given the 5th Amendment points raised above, other than to order the immediate return of the press pass, because taking it away creates irreparable harm to Karem's 1st Amendment rights.
It is not merely an abstract, theoretical injury, either. As Sherrill recognized, where theWhite House has voluntarily decided to establish press facilities that are open to all bona fideWashington-based journalists, the First Amendment requires that individual newsmen not bearbitrarily excluded from sources of information. ... Such exclusion isprecisely what Karem is suffering here. His First Amendment interest depends on his ability tofreely pursue journalistically productive conversations with White House officials.... Yet without his hard pass, he lacks the access to pursue those conversationsevenas an eavesdropper. And given that the news is time-sensitive and occurs spontaneously, thatlack of access cannot be remedied retrospectively.
The case is not over, but for the time being the White House needs to restore Karem's pass. And I'll be eagerly waiting to see what those who insisted this case would go the other way have to say in our comments.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 06-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Epic Accuses Cheating Minor Of Continuing To Promote Cheat Software Even After Lawsuit

Furnished content.


Over the past year or so, we've been discussing Epic's somewhat strange ongoing legal dispute with a minor from Illinois over cheating software he developed for Fortnite. Epic initially went after a host of so-called cheaters for developing these tools, claiming that they were violating both copyright and TOS agreements for the game. It found out later that one of these targets was a minor. Instead of backing off in any respect, even after the child's mother petitioned the court with a letter asking it to dismiss the case as the minor can't have entered into a TOS agreement, Epic has since pressed the throttle to go after a child.This, as I argued at the time, should have been a PR nightmare for Epic. However, after the minor retained a proper non-maternal lawyer and put in a proper motion to dismiss, Epic contends that the minor continued both cheating in Fortnite as well as promoting his cheating software through alternate channels. If that's truly the case, it paints the teen in a much less flattering light.

While plenty of kids would be terrified facing a lawsuit like this, CBV didn’t appear to be impressed. In a YouTube video where he explained the situation last month, the 14-year-old said that he wouldn’t make Fortnite videos anymore. However, he was far from apologetic.“Fuck epic games. I mean, at least they can’t come after my channel anymore. I’m never gonna make another video. But if they really want to come at my neck for 100 Mil then they can just fuck their brand on their own,” CBV said.Among other things, the game publisher points out that CBV didn’t halt his cheating activities after the lawsuit was filed. On the contrary, Epic claims that the defendant made another cheating video on a separate channel and registered a new domain to sell cheats.“Defendant continues to develop and sell cheat software specifically targeted at Epic and Fortnite. Indeed, Defendant has created a new website located at <NexusCheats.us>, a domain name Defendant registered on August 1, 2019,” Epic writes.
While that looks bad, it also doesn't really effect the minor's central argument, which is that the kid was a minor and couldn't have entered into the TOS contract. Still, the courts tend not to look to fondly when the defendant is going around continuing the same activity that landed him in a lawsuit to begin with. Especially when said defendant is publicly spouting off like this.All of that, again, is merely flavor for Epic's argument that even as a minor the TOS agreement is valid, primarily as the minor "benefited" from agreeing to the TOS, which in this case meant accessing the game.
“His arguments that he is immune from those consequences, including his claim that this Court does not have jurisdiction over him because ‘he’s a kid,’ are without merit,” Epic tells the Court.According to Epic, not all contracts with minors are automatically void. There are exceptions, which it believes apply here. In addition, this “infancy defense” doesn’t apply, because the alleged cheater also reaped the benefits of these agreements. According to Epic’s response brief, the defendant was well aware of the potentially illegal nature of his activities – after being sued, banned and targeted with repeated DMCA notices – but he continued nonetheless.
None of this changes the reality that Epic is pursuing full force its questionable claim that cheating violates copyright against a teenager. This should still be a situation where PR overrides any legal merit and results in Epic settling this and moving on.But the defendant appears to be undermining that calculus by spouting off.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 06-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Three Years Later And The Copyright Office Still Can't Build A Functioning Website For DMCA Agents, But Demands Everyone Re-Register

Furnished content.


In early 2016, we wrote about an absolutely ridiculous plan by the Copyright Office to -- without any basis in the law -- strip every site of its registered DMCA agent. In case you're not aware, one of the conditions to get the DMCA's Section 512 safe harbors as a platform for user content, is that you need to have a "Designated Agent." As per 512(c)(2), it says:

Designated agent.The limitations on liability established in this subsection apply to a service provider only if the service provider has designated an agent to receive notifications of claimed infringement described in paragraph (3), by making available through its service, including on its website in a location accessible to the public, and by providing to the Copyright Office, substantially the following information:
(A) the name, address, phone number, and electronic mail address of the agent.(B) other contact information which the Register of Copyrights may deem appropriate.
The Register of Copyrights shall maintain a current directory of agents available to the public for inspection, including through the Internet, and may require payment of a fee by service providers to cover the costs of maintaining the directory.
Note that this says that Register of Copyrights shall maintain such a list. However, the Copyright Office, decided back around 2016 that there were too many "old" registrations in the database, and decided to literally dump every single registration, despite the law not allowing it to do so. It then instituted a new plan that said -- again, without any legal basis -- that every site not only needed to register, but it would need to re-register every three years or it would lose the safe harbor protections, which could expose sites to massive liability.In late 2016, this plan went into effect, and I detailed the incredibly bad computer system that the Office had put in place to handle such registrations, starting with the fact that the password requirements literally violate the federal government's own rules for passwords. Back in 2016, NIST told government agencies, among other things, to stop requiring random characters, upper and lower case, etc. and to stop expiring passwords with no reason.
Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets. Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.
So we were, well, not surprised back in 2016, that the Copyright Office's system ignored that rule not to include composition rules, and highlighted how they stupidly said:
Passwords must have at least 12 characters, with at least one lower case letter, upper case letter, number, and special character "!@#$%^&*()", and must not have any repeated letters, numbers, or special characters.
Not only did this violate NIST's guidelines, but it actually makes passwords significantly less secure by reducing the randomness of passwords, making them less secure.Anyway, three years have almost passed, and as per the new rules, the Copyright Office is about to kick everyone off again. For no good reason at all. Even better, they sent an email over the Labor Day weekend to alert people that they're at risk of losing their registrations if they don't re-register -- because it's not like people miss random, poorly formatted emails that literally come from "donotreply@loc.gov" when going through emails coming back from a long weekend. Thankfully, I also saw Eric Goldman's blog post about this, though I'm guessing not everyone who owns a website that needs 512 safe harbors protection reads his blog (unfortunately).Incredibly, it looks like the Copyright Office has done literally nothing to fix the problems of the system. Indeed, it turns out that things are even worse than before. Not only does the system still require "composition rules" that violate NIST's guidelines, it also expired everyone's passwords (which also violates the guidelines).
It actually proved significantly more difficult than expected to create a new password. Like everyone in the world should, I use a password manager to generate and store my passwords. But because of the Copyright Office's dumb rules, none of the passwords my password manager generated would work. I kept getting error message after error message, just telling me the same dumb, pointless, rules over and over again:
Even though it's literally bad practice to make your own passwords, I even tried to "edit" some of the auto-generated passwords to meet the rules, but it still didn't work, though I'm not sure why. One thing I discovered, while it says you have to use "special character" the list shown in that image is the entire set of allowed special characters. So, passwords using other special characters don't work, even though the Copyright Office's system doesn't bother to explain why it rejected your password. But special characters like "\>{]" and such don't work, even though there's no reason why they shouldn't, and most password generators will (smartly!) include them. Oh yeah, also this one stymied me for a really long time. The " mark is not allowed in a password, even though it sorta looks like it's included in that list. But it's not. It's just a pointless set of "quote marks" around the allowed symbols. This is not an intuitive system. It is not user friendly. It's is dumb, insecure, and violates NIST's rules -- as it did three years ago when I complained about it.Then you log in... and the information given to you is sorely lacking. First, at the very top, you get a message saying that the entire website may be offline for three whole days... a month ago. What? What the hell are they doing that they need to take a site offline for three whole days? And if they had to do system upgrades for that long, how the hell have they not made anything actually work right? And, most importantly, if that shutdown happened a month ago, why are they still showing the damn warning message?
From there, you are shown a weird chart with a lot of useless information -- but it is not at all clear how you re-register. There is no indication that you need to re-register. There is just your "service provider name," "registration number," "status," "last updated" and the ever useless "Action" box.
It turns out, to re-register, you have to click that little pencil, which the tooltip tells me is to "Edit." But I'm not "editing" anything. I just want to renew so I still am protected by the DMCA's safe harbors. It then makes me review everything multiple times, before telling me I need to pay $6, and sending me to a sketchy looking payment site (which I get is not run by the Copyright Office itself, but still).
I was almost afraid to give it my credit card.Either way, eventually it "worked," but in the most fucked up of ways. The website itself is then not exactly clear if this renewal adds on to my existing -- meaning do I get three more years from the date of my original three year registration in 2016 (which would be December 1), or if it simply starts the clock anew, as of the date I paid. It sure looks like they just started a new three year clock yesterday -- meaning they cheated me out of 3 months of coverage because I dared to renew promptly. So by being good and renewing in their stupid system nearly 3 months before I need to, they just chop off 3 months of the "service" they're providing me? How the fuck is that allowed? If you look at my original listing -- even though I'd paid up for 3 full years, they now show it as "inactive" and list the new one as "active."
And that's kinda fucked up. The current listing says "Active" for "September 3, 2019 to Present" which almost certainly means this one will expire September 3, 2022, even though it should go until December 1, 2022.
All of this is a complete mess. It's entirely unnecessary, and as Eric Goldman notes in his piece, when the Copyright Office rolled this out it "promised a smooth renewal process." This was anything but smooth -- and it's likely that plenty of sites may miss the fact that they have to do this, or get caught up in trying to get the damn system to work. While, thankfully, this hasn't impacted any sites directly that I'm aware of, it's only a matter of time until a site that thought it had a successful DMCA agent finds out it no longer does because the Copyright Office decided to change the entire process, and apparently can't build a freaking website that works or is even up to basic federal website standards.And, sure, $6 is cheap, but it's still pretty messed up that the Copyright Office simply lopped off three months of service they owed me because their own system is too poorly implemented to know to add on another three years at the end of my existing "subscription." It seems like something that shouldn't happen -- and one hopes that someone at the Copyright Office or the Library of Congress figures their shit out before September of 2022. But I have my doubts.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 05-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Even Kirk Herbstreit Thinks THE Ohio State Is Being THE Silliest With Its 'THE' Trademark Application

Furnished content.


A few weeks back, we talked about the dumbest trademark application I've ever seen, with the Ohio State University deciding to try to get a trademark on one of the most commonly used determiners in the English language: "The." Honestly, the whole thing is painfully stupid, as trademarking such a common word cannot possibly be worked into the original purpose of trademark law, but here we are. The only good thing thus far to come out of all of this was the University of Michigan's playful suggestion that maybe it should trademark the word "Of."Fortunately, it wasn't just us IP nerds who found all of this so silly. The public reaction writ large was fairly negative, with plenty of fun being had at the temerity of OSU. But what about OSU fans themselves? How would they react, given that all of this is built on the haughty insistence of NFL players emphasizing the "the" when announcing what school they attended?Well, Kirk Herbstreit is a useful thermometer for this, given that he is both probably college football's most recognized analyst and a former OSU football player. And, man, does he not have kind words for his alma mater.

College GameDay analyst Kirk Herbstreit, who played quarterback for the Buckeyes in the 1990s, was the subject of an interview with For The Win this week. He was asked about the whole trademark situation. He did not hold back."I've never really bought into that. My dad played at Ohio State, my dad coached with Woody Hayes. Ohio State’s always been Ohio State. I have a diploma that I’m looking at right now, and it says, “The” — T-H-E — Ohio State University, and nobody’s called it “The” Ohio State University, ever, as I grew up in the ‘70s, ‘80s and ‘90s. And then one night on Monday Night Football — I don’t remember who the player was but he said, “The Ohio State University,” and it stuck. And from that point on, all the fans and everybody started saying “The,” “The,” “The.” To me, it’s Ohio State — always has been, always will be. I think it’s kind of ridiculous, the whole “The” thing.It comes across to me as very arrogant. I’m just not a fan of it. I didn’t grow up with it. Nobody’s more Ohio State than me, and I never heard it. I never heard “The” in my life until maybe about 15 years ago."
Yeah, all of that. But when this move is getting this kind of reaction from someone like Herbstreit, you really have to start to wonder just what OSU is doing in keeping any of this up. It's a trademark that should, and probably will, be rejected for lacking originality and being too generic. It's a trademark that, by its nature, can't possibly be all that valuable even if granted. And it's apparently at best making the school look quite arrogant, if not creating outright anger, even among Ohio State fans.It's time to realize this play isn't working and abandon it. It's the smart thing to do.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 05-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Sony Is Feverishly Battling Vita Tinkerers Despite Vita Being Discontinued

Furnished content.


If ever there were a poster child for this strange new culture in which we don't actually own what we buy, there is a strong argument for making Sony the number one pick. Beyond all of Sony's day-to-day anti-consumer practices disguised as anti-piracy efforts, the company is also rather infamous for the Playstation 3 debacle, in which the console was rolled out with a feature that allowed buyers to install other operating systems on it, and then subsequently removed that feature via a firmware update. That Sony wasn't fully trashed in the legal and public opinions courts for doing so basically set the tone for the subsequent decade, where now this sort of bullshit is common practice.Which brings us to the present and a discussion on the Playstation Vita. The Vita, a Playstation hand-held device, has basically been retired with PlayStation Plus games no longer rolling out to the devices and new cartridges for the system no longer being manufactured. As there had been with the PS3, the Vita has a tinkering community around it that has long worked to jailbreak the hardware to allow it do other things. Piracy is part of that, sure, but so is emulation, running other sorts of software, tinkering with hardware performance, etc. Each time someone released a way to jailbreak the Vita, Sony would patch it with a firmware update.Including, most recently, this past week.

Less than a day after a new exploit for jailbreaking the Vita was discovered, Sony has already released a new firmware update to safeguard its sunsetting handheld.“Surprise! h-encore² released for PS Vita firmware 3.71,” Andy Nguyen, a Vita hacker behind the recent Trinity Exploit for jailbreaking the most up-to-date versions of the handheld, announced on Monday. Unlike the Trinity Exploit, which required using a PSP game to hack the Vita, h-encore² is a native hack, meaning it can be done directly on the system. And while some hacks on work on Vitas running older software, h-encore² was designed to work on any firmware version between 3.65 and 3.71, the most recent one.As if on cue, Sony announced firmware update 3.72 today.
A lot of the response to this has been the continued dismay that Sony won't let people who bought their freaking Vita do with it as they please. They own the hardware, but are restricted from using it the way they want. That's as insane as it was ten years ago.But there is another track some are responding to, namely: "Why the fuck is Sony continuing this whac-a-mole game with tinkerers for a device that has been essentially discontinued?
And for all intents and purposes, Vita has also been unofficially retired, leaving some people in the homebrew community scratching their heads about why Sony has seemingly redoubled its efforts to safeguard it. The Vita no longer gets new monthly PlayStation Plus games, and production of new game cartridges ended earlier this year. “I need a movie about the 4 guys at Sony who still have to work on the Vita in friggin 2019,” wrote one person on Twitter.
Maybe Sony Pictures can make such a film. Then, perhaps, we'd get some sort of firsthand explanation as to why Sony is so committed to ensuring people can't use their hardware the way they want that it continues that practice even after the death of said hardware.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 04-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Office Of Legal Counsel Sued For Refusing To Turn Over Legal Memos Congress Said Aren't Exempt From FOIA Law

Furnished content.


Another lawsuit has arisen from the Office of Legal Counsel's ongoing refusal to allow the general public to see its legal memos. The OLC claims these are categorically exempt from FOIA law because they constitute "deliberative" documents and/or are protected by attorney-client privilege.But they're not "deliberative." In some cases -- if not many cases -- the OLC's guidance tells government agencies what they can and can't do legally, providing justification for warrantless searches, extrajudicial drone strikes, and lots of domestic surveillance.In essence, the OLC is creating secret laws. Stupid amateurs (meaning the citizens who pay for the office that refuses to speak with them on an FOIA basis) apparently have no business knowing what the government has decided its okay for it to do.Once in a long while, a FOIA lawsuit forces a legal memo out of the office's hands. But for the most part, an unknown number of legal opinions remain locked up out of the reach of the citizens the government is supposed to be accountable to.The Knight First Amendment Institute is hoping a lawsuit will finally trigger a document dump from the opacity-prone OLC. FOIA law has changed in recent years, but the OLC has apparently chosen to ignore this.

In 2016... Congress amended the Freedom of Information Act to prohibit agencies from withholding as “deliberative” records more than 25 years old.[...]On February 15, 2019, the Knight Institute submitted a request to the OLC for all of its formal written opinions issued prior to February 15, 1994. To date, the government has failed to comply with the request.  
Since Congress has said older opinions can't be considered "deliberative" any longer, it's assumed the OLC will now claim these documents are protected by attorney-client privilege. The problem for litigants is the OLC's unending relationship with the government agencies it advises. These attorneys and clients are eternally inseparable.The OLC can't even be bothered with half-assed compliance. This goes hand-in-hand with its barely-there transparency efforts over the past few decades.As the lawsuit [PDF] points out, the OLC has been (very selectively) releasing decades-old legal opinions. But even with 40+ years lead time, the OLC still can't bring itself to release more than a small percentage of its secret law stuff.
In 1977, the OLC began to publish a volume of selected opinions given “their value as precedents and as a body of executive law on important matters.” According to the foreword to the first volume, however, approximately 75 percent of the 1977 opinions were excluded from publication.After 1977, the OLC stopped revealing how many opinions were excluded from its volumes. Some OLC volumes note that a “significant” number were excluded. These statements are consistent with the views of at least one former OLC official, who has stated that the “published opinions are only the tip of the iceberg.” For example, the same OLC official noted that the office “gave 625 opinions to outside agencies in 1991.” But the 1991 volume of OLC opinions published only 13 opinions, or about 2%.More recently, the Sunlight Foundation obtained the OLC’s internal list of OLC opinions issued between 1998 and 2012. Comparing the list with the OLC opinions that the office had made public either through its volumes or through FOIA productions, the Sunlight Foundation found that the OLC kept almost 40 percent of the office’s opinions secret over that period.
Hopefully, this litigation will force the agency to take a bright line approach to its legal opinions. They're given the full weight of the law by the agencies that comply with them, and yet the OLC continues to claim these are just suggestions and attorney-client conversations. But they're far more than that. They're laws the public can't read, can't comply with, and can't seek to have changed if they disagree with them.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 04-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



This Week In Techdirt History: August 25th - 31st

Furnished content.


Five Years AgoThis week in 2014, as the events in Ferguson prompted us to continue scrutinizing the police, we looked at how a federal law ordering the Attorney General to gather data on police use of force had been ignored for 20 years. President Obama ordered a review of the military gear given to police departments, but it didn't sound like it was going to result in any corrective action, even as we learned that cops were getting so much equipment that they were losing track of everything from rifles to Humvees. Some cops were facing felony charges for using government databases to screen potential dates, but when it comes to use of excessive force, the judicial system was a clear enabler.Ten Years AgoThis week in 2009, a Swedish court got The Pirate Bay taken down by ordering one of its main ISPs to stop serving it, while the judge in the IsoHunt case surprised the MPAA by noting that it actually needed to prove infringement by US residents, and the DOJ — fresh off the appointment of a bunch of top entertainment industry lawyers — announced more funding and a new focus on intellectual property enforcement. Music publishers really kicked their war against lyric websites into high gear, we saw some evidence that copyright holders might be seeding torrents of their own files to find and sue downloaders, and we featured an interview with William Patry about how the copyright debate got so twisted.But the real moment in Techdirt history this week in 2009 was that... we got hacked. Thankfully, the damage wasn't too severe.Fifteen Years AgoThis week in 2004, there was some suggestion that the Justice Department actually wasn't so keen on doing Hollywood's dirty work, though we know now how that ultimately played out. Indeed, the very same week, despite rumblings that the feds were going to announce a major crackdown on spammers, they ended up being more interested in going after file sharers and pirated software, followed by an attempt to make a big splash with a more general anti-cybercrime sweep that was basically just a press release.Also this week in 2004: our criticism of a journalist for misunderstanding Wikipedia turned into a bit of an ongoing debate, some people began wondering if the war on spam would fuel major AI advancements, and rumors re-emerged about the possibility of a Google browser.

Permalink | Comments | Email This Story


Read more here


posted at: 12:00am on 01-Sep-2019
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



September 2019
Sun Mon Tue Wed Thu Fri Sat
         







RSS (site)  RSS (path)

ATOM (site)  ATOM (path)

Categories
 - blog home

 - Announcements  (0)
 - Annoyances  (0)
 - Career_Advice  (0)
 - Domains  (0)
 - Downloads  (3)
 - Ecommerce  (0)
 - Fitness  (0)
 - Home_and_Garden  (0)
     - Cooking  (0)
     - Tools  (0)
 - Humor  (0)
 - Notices  (0)
 - Observations  (1)
 - Oddities  (2)
 - Online_Marketing  (0)
     - Affiliates  (1)
     - Merchants  (1)
 - Policy  (3743)
 - Programming  (0)
     - Bookmarklets  (1)
     - Browsers  (1)
     - DHTML  (0)
     - Javascript  (3)
     - PHP  (0)
     - PayPal  (1)
     - Perl  (37)
          - blosxom  (0)
     - Unidata_Universe  (22)
 - Random_Advice  (1)
 - Reading  (0)
     - Books  (0)
     - Ebooks  (0)
     - Magazines  (0)
     - Online_Articles  (5)
 - Resume_or_CV  (1)
 - Reviews  (2)
 - Rhode_Island_USA  (0)
     - Providence  (1)
 - Shop  (0)
 - Sports  (0)
     - Football  (0)
          - Cowboys  (0)
          - Patriots  (0)
     - Futbol  (0)
          - The_Rest  (0)
          - USA  (0)
 - Technology  (1000)
 - Windows  (1)
 - Woodworking  (0)


Archives
 -2024  March  (115)
 -2024  February  (168)
 -2024  January  (146)
 -2023  December  (140)
 -2023  November  (174)
 -2023  October  (156)
 -2023  September  (161)
 -2023  August  (49)
 -2023  July  (40)
 -2023  June  (44)
 -2023  May  (45)
 -2023  April  (45)
 -2023  March  (53)
 -2023  February  (40)


My Sites

 - Millennium3Publishing.com

 - SponsorWorks.net

 - ListBug.com

 - TextEx.net

 - FindAdsHere.com

 - VisitLater.com